1
/*-
2
 * SPDX-License-Identifier: BSD-3-Clause
3
 *
4
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5
 * All rights reserved.
6
 *
7
 * Redistribution and use in source and binary forms, with or without
8
 * modification, are permitted provided that the following conditions
9
 * are met:
10
 * 1. Redistributions of source code must retain the above copyright
11
 *    notice, this list of conditions and the following disclaimer.
12
 * 2. Redistributions in binary form must reproduce the above copyright
13
 *    notice, this list of conditions and the following disclaimer in the
14
 *    documentation and/or other materials provided with the distribution.
15
 * 3. Neither the name of the project nor the names of its contributors
16
 *    may be used to endorse or promote products derived from this software
17
 *    without specific prior written permission.
18
 *
19
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29
 * SUCH DAMAGE.
30
 *
31
 *	$KAME: in6.c,v 1.259 2002/01/21 11:37:50 keiichi Exp $
32
 */
33

34
/*-
35
 * Copyright (c) 1982, 1986, 1991, 1993
36
 *	The Regents of the University of California.  All rights reserved.
37
 *
38
 * Redistribution and use in source and binary forms, with or without
39
 * modification, are permitted provided that the following conditions
40
 * are met:
41
 * 1. Redistributions of source code must retain the above copyright
42
 *    notice, this list of conditions and the following disclaimer.
43
 * 2. Redistributions in binary form must reproduce the above copyright
44
 *    notice, this list of conditions and the following disclaimer in the
45
 *    documentation and/or other materials provided with the distribution.
46
 * 3. Neither the name of the University nor the names of its contributors
47
 *    may be used to endorse or promote products derived from this software
48
 *    without specific prior written permission.
49
 *
50
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
51
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
54
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
60
 * SUCH DAMAGE.
61
 */
62

63
#include "opt_inet.h"
64
#include "opt_inet6.h"
65

66
#include <sys/param.h>
67
#include <sys/eventhandler.h>
68
#include <sys/errno.h>
69
#include <sys/jail.h>
70
#include <sys/malloc.h>
71
#include <sys/socket.h>
72
#include <sys/socketvar.h>
73
#include <sys/sockio.h>
74
#include <sys/systm.h>
75
#include <sys/priv.h>
76
#include <sys/proc.h>
77
#include <sys/time.h>
78
#include <sys/kernel.h>
79
#include <sys/lock.h>
80
#include <sys/rmlock.h>
81
#include <sys/sysctl.h>
82
#include <sys/syslog.h>
83

84
#include <net/if.h>
85
#include <net/if_var.h>
86
#include <net/if_private.h>
87
#include <net/if_types.h>
88
#include <net/if_bridgevar.h>
89
#include <net/route.h>
90
#include <net/route/route_ctl.h>
91
#include <net/route/nhop.h>
92
#include <net/if_dl.h>
93
#include <net/vnet.h>
94

95
#include <netinet/in.h>
96
#include <netinet/in_var.h>
97
#include <net/if_llatbl.h>
98
#include <netinet/if_ether.h>
99
#include <netinet/in_systm.h>
100
#include <netinet/ip.h>
101
#include <netinet/in_pcb.h>
102
#include <netinet/ip_carp.h>
103
#include <netinet/icmp6.h>
104

105
#include <netinet/ip6.h>
106
#include <netinet6/ip6_var.h>
107
#include <netinet6/nd6.h>
108
#include <netinet6/mld6_var.h>
109
#include <netinet6/ip6_mroute.h>
110
#include <netinet6/in6_ifattach.h>
111
#include <netinet6/scope6_var.h>
112
#include <netinet6/in6_fib.h>
113
#include <netinet6/in6_pcb.h>
114

115
#ifdef MAC
116
#include <security/mac/mac_framework.h>
117
#endif
118

119
/*
120
 * struct in6_ifreq and struct ifreq must be type punnable for common members
121
 * of ifr_ifru to allow accessors to be shared.
122
 */
123
_Static_assert(offsetof(struct in6_ifreq, ifr_ifru) ==
124
    offsetof(struct ifreq, ifr_ifru),
125
    "struct in6_ifreq and struct ifreq are not type punnable");
126

127
VNET_DEFINE_STATIC(int, icmp6_nodeinfo_oldmcprefix) = 1;
128
#define V_icmp6_nodeinfo_oldmcprefix	VNET(icmp6_nodeinfo_oldmcprefix)
129
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_NODEINFO_OLDMCPREFIX,
130
    nodeinfo_oldmcprefix, CTLFLAG_VNET | CTLFLAG_RW,
131
    &VNET_NAME(icmp6_nodeinfo_oldmcprefix), 0,
132
    "Join old IPv6 NI group address in draft-ietf-ipngwg-icmp-name-lookup "
133
    "for compatibility with KAME implementation");
134

135
VNET_DEFINE_STATIC(int, nd6_useloopback) = 1;
136
#define	V_nd6_useloopback	VNET(nd6_useloopback)
137
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_USELOOPBACK, nd6_useloopback,
138
    CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(nd6_useloopback), 0,
139
    "Create a loopback route when configuring an IPv6 address");
140

141
/*
142
 * Definitions of some costant IP6 addresses.
143
 */
144
const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
145
const struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT;
146
const struct in6_addr in6addr_nodelocal_allnodes =
147
	IN6ADDR_NODELOCAL_ALLNODES_INIT;
148
const struct in6_addr in6addr_linklocal_allnodes =
149
	IN6ADDR_LINKLOCAL_ALLNODES_INIT;
150
const struct in6_addr in6addr_linklocal_allrouters =
151
	IN6ADDR_LINKLOCAL_ALLROUTERS_INIT;
152
const struct in6_addr in6addr_linklocal_allv2routers =
153
	IN6ADDR_LINKLOCAL_ALLV2ROUTERS_INIT;
154

155
const struct in6_addr in6mask0 = IN6MASK0;
156
const struct in6_addr in6mask32 = IN6MASK32;
157
const struct in6_addr in6mask64 = IN6MASK64;
158
const struct in6_addr in6mask96 = IN6MASK96;
159
const struct in6_addr in6mask128 = IN6MASK128;
160

161
const struct sockaddr_in6 sa6_any =
162
	{ sizeof(sa6_any), AF_INET6, 0, 0, IN6ADDR_ANY_INIT, 0 };
163

164
static int in6_notify_ifa(struct ifnet *, struct in6_ifaddr *,
165
	struct in6_aliasreq *, int);
166
static void in6_unlink_ifa(struct in6_ifaddr *, struct ifnet *);
167

168
static int in6_validate_ifra(struct ifnet *, struct in6_aliasreq *,
169
    struct in6_ifaddr *, int);
170
static struct in6_ifaddr *in6_alloc_ifa(struct ifnet *,
171
    struct in6_aliasreq *, int flags);
172
static int in6_update_ifa_internal(struct ifnet *, struct in6_aliasreq *,
173
    struct in6_ifaddr *, int, int);
174
static int in6_broadcast_ifa(struct ifnet *, struct in6_aliasreq *,
175
    struct in6_ifaddr *, int);
176

177
static void in6_join_proxy_ndp_mc(struct ifnet *, const struct in6_addr *);
178
static void in6_leave_proxy_ndp_mc(struct ifnet *, const struct in6_addr *);
179

180
#define ifa2ia6(ifa)	((struct in6_ifaddr *)(ifa))
181
#define ia62ifa(ia6)	(&((ia6)->ia_ifa))
182

183
static struct sx in6_control_sx;
184
SX_SYSINIT(in6_control_sx, &in6_control_sx, "in6_control");
185

186
void
187
in6_newaddrmsg(struct in6_ifaddr *ia, int cmd)
188
{
189
	struct rt_addrinfo info;
190
	struct ifaddr *ifa;
191
	struct sockaddr_dl gateway;
192
	int fibnum;
193

194
	ifa = &ia->ia_ifa;
195

196
	/*
197
	 * Prepare info data for the host route.
198
	 * This code mimics one from ifa_maintain_loopback_route().
199
	 */
200
	bzero(&info, sizeof(struct rt_addrinfo));
201
	info.rti_flags = ifa->ifa_flags | RTF_HOST | RTF_STATIC | RTF_PINNED;
202
	info.rti_info[RTAX_DST] = ifa->ifa_addr;
203
	info.rti_info[RTAX_GATEWAY] = (struct sockaddr *)&gateway;
204
	link_init_sdl(ifa->ifa_ifp, (struct sockaddr *)&gateway, ifa->ifa_ifp->if_type);
205
	if (cmd != RTM_DELETE)
206
		info.rti_ifp = V_loif;
207

208
	fibnum = ia62ifa(ia)->ifa_ifp->if_fib;
209

210
	if (cmd == RTM_ADD) {
211
		rt_addrmsg(cmd, &ia->ia_ifa, fibnum);
212
		rt_routemsg_info(cmd, &info, fibnum);
213
	} else if (cmd == RTM_DELETE) {
214
		rt_routemsg_info(cmd, &info, fibnum);
215
		rt_addrmsg(cmd, &ia->ia_ifa, fibnum);
216
	}
217
}
218

219
int
220
in6_mask2len(struct in6_addr *mask, u_char *lim0)
221
{
222
	int x = 0, y;
223
	u_char *lim = lim0, *p;
224

225
	/* ignore the scope_id part */
226
	if (lim0 == NULL || lim0 - (u_char *)mask > sizeof(*mask))
227
		lim = (u_char *)mask + sizeof(*mask);
228
	for (p = (u_char *)mask; p < lim; x++, p++) {
229
		if (*p != 0xff)
230
			break;
231
	}
232
	y = 0;
233
	if (p < lim) {
234
		for (y = 0; y < 8; y++) {
235
			if ((*p & (0x80 >> y)) == 0)
236
				break;
237
		}
238
	}
239

240
	/*
241
	 * when the limit pointer is given, do a stricter check on the
242
	 * remaining bits.
243
	 */
244
	if (p < lim) {
245
		if (y != 0 && (*p & (0x00ff >> y)) != 0)
246
			return (-1);
247
		for (p = p + 1; p < lim; p++)
248
			if (*p != 0)
249
				return (-1);
250
	}
251

252
	return x * 8 + y;
253
}
254

255
#ifdef COMPAT_FREEBSD32
256
struct in6_ndifreq32 {
257
	char ifname[IFNAMSIZ];
258
	uint32_t ifindex;
259
};
260
#define	SIOCGDEFIFACE32_IN6	_IOWR('i', 86, struct in6_ndifreq32)
261
#endif
262

263
int
264
in6_control_ioctl(u_long cmd, void *data,
265
    struct ifnet *ifp, struct ucred *cred)
266
{
267
	struct	in6_ifreq *ifr = (struct in6_ifreq *)data;
268
	struct	in6_ifaddr *ia = NULL;
269
	struct	in6_aliasreq *ifra = (struct in6_aliasreq *)data;
270
	struct sockaddr_in6 *sa6;
271
	int error;
272
	bool control_locked = false;
273

274
	/*
275
	 * Compat to make pre-10.x ifconfig(8) operable.
276
	 */
277
	if (cmd == OSIOCAIFADDR_IN6) {
278
		cmd = SIOCAIFADDR_IN6;
279
		ifra->ifra_vhid = 0;
280
	}
281

282
	switch (cmd) {
283
	case SIOCGETSGCNT_IN6:
284
	case SIOCGETMIFCNT_IN6:
285
		/*
286
		 * XXX mrt_ioctl has a 3rd, unused, FIB argument in route.c.
287
		 * We cannot see how that would be needed, so do not adjust the
288
		 * KPI blindly; more likely should clean up the IPv4 variant.
289
		 */
290
		return (mrt6_ioctl ? mrt6_ioctl(cmd, data) : EOPNOTSUPP);
291
	}
292

293
	switch (cmd) {
294
	case SIOCAADDRCTL_POLICY:
295
	case SIOCDADDRCTL_POLICY:
296
		if (cred != NULL) {
297
			error = priv_check_cred(cred, PRIV_NETINET_ADDRCTRL6);
298
			if (error)
299
				return (error);
300
		}
301
		return (in6_src_ioctl(cmd, data));
302
	}
303

304
	if (ifp == NULL)
305
		return (EOPNOTSUPP);
306

307
	switch (cmd) {
308
	case SIOCSNDFLUSH_IN6:
309
	case SIOCSPFXFLUSH_IN6:
310
	case SIOCSRTRFLUSH_IN6:
311
	case SIOCSDEFIFACE_IN6:
312
	case SIOCSIFINFO_FLAGS:
313
	case SIOCSIFINFO_IN6:
314
		if (cred != NULL) {
315
			error = priv_check_cred(cred, PRIV_NETINET_ND6);
316
			if (error)
317
				return (error);
318
		}
319
		/* FALLTHROUGH */
320
	case SIOCGIFINFO_IN6:
321
	case SIOCGNBRINFO_IN6:
322
	case SIOCGDEFIFACE_IN6:
323
		return (nd6_ioctl(cmd, data, ifp));
324

325
#ifdef COMPAT_FREEBSD32
326
	case SIOCGDEFIFACE32_IN6:
327
		{
328
			struct in6_ndifreq ndif;
329
			struct in6_ndifreq32 *ndif32;
330

331
			error = nd6_ioctl(SIOCGDEFIFACE_IN6, (caddr_t)&ndif,
332
			    ifp);
333
			if (error)
334
				return (error);
335
			ndif32 = (struct in6_ndifreq32 *)data;
336
			ndif32->ifindex = ndif.ifindex;
337
			return (0);
338
		}
339
#endif
340
	}
341

342
	switch (cmd) {
343
	case SIOCSIFPREFIX_IN6:
344
	case SIOCDIFPREFIX_IN6:
345
	case SIOCAIFPREFIX_IN6:
346
	case SIOCCIFPREFIX_IN6:
347
	case SIOCSGIFPREFIX_IN6:
348
	case SIOCGIFPREFIX_IN6:
349
		log(LOG_NOTICE,
350
		    "prefix ioctls are now invalidated. "
351
		    "please use ifconfig.\n");
352
		return (EOPNOTSUPP);
353
	}
354

355
	switch (cmd) {
356
	case SIOCSSCOPE6:
357
		if (cred != NULL) {
358
			error = priv_check_cred(cred, PRIV_NETINET_SCOPE6);
359
			if (error)
360
				return (error);
361
		}
362
		/* FALLTHROUGH */
363
	case SIOCGSCOPE6:
364
	case SIOCGSCOPE6DEF:
365
		return (scope6_ioctl(cmd, data, ifp));
366
	}
367

368
	/*
369
	 * Find address for this interface, if it exists.
370
	 *
371
	 * In netinet code, we have checked ifra_addr in SIOCSIF*ADDR operation
372
	 * only, and used the first interface address as the target of other
373
	 * operations (without checking ifra_addr).  This was because netinet
374
	 * code/API assumed at most 1 interface address per interface.
375
	 * Since IPv6 allows a node to assign multiple addresses
376
	 * on a single interface, we almost always look and check the
377
	 * presence of ifra_addr, and reject invalid ones here.
378
	 * It also decreases duplicated code among SIOC*_IN6 operations.
379
	 */
380
	switch (cmd) {
381
	case SIOCAIFADDR_IN6:
382
	case SIOCSIFPHYADDR_IN6:
383
		sa6 = &ifra->ifra_addr;
384
		break;
385
	case SIOCSIFADDR_IN6:
386
	case SIOCGIFADDR_IN6:
387
	case SIOCSIFDSTADDR_IN6:
388
	case SIOCSIFNETMASK_IN6:
389
	case SIOCGIFDSTADDR_IN6:
390
	case SIOCGIFNETMASK_IN6:
391
	case SIOCDIFADDR_IN6:
392
	case SIOCGIFPSRCADDR_IN6:
393
	case SIOCGIFPDSTADDR_IN6:
394
	case SIOCGIFAFLAG_IN6:
395
	case SIOCSNDFLUSH_IN6:
396
	case SIOCSPFXFLUSH_IN6:
397
	case SIOCSRTRFLUSH_IN6:
398
	case SIOCGIFALIFETIME_IN6:
399
	case SIOCGIFSTAT_IN6:
400
	case SIOCGIFSTAT_ICMP6:
401
		sa6 = &ifr->ifr_addr;
402
		break;
403
	case SIOCSIFADDR:
404
	case SIOCSIFBRDADDR:
405
	case SIOCSIFDSTADDR:
406
	case SIOCSIFNETMASK:
407
		/*
408
		 * Although we should pass any non-INET6 ioctl requests
409
		 * down to driver, we filter some legacy INET requests.
410
		 * Drivers trust SIOCSIFADDR et al to come from an already
411
		 * privileged layer, and do not perform any credentials
412
		 * checks or input validation.
413
		 */
414
		return (EINVAL);
415
	default:
416
		sa6 = NULL;
417
		break;
418
	}
419
	if (sa6 && sa6->sin6_family == AF_INET6) {
420
		if (sa6->sin6_scope_id != 0)
421
			error = sa6_embedscope(sa6, 0);
422
		else
423
			error = in6_setscope(&sa6->sin6_addr, ifp, NULL);
424
		if (error != 0)
425
			return (error);
426
		if (cred != NULL && (error = prison_check_ip6(cred,
427
		    &sa6->sin6_addr)) != 0)
428
			return (error);
429
		sx_xlock(&in6_control_sx);
430
		control_locked = true;
431
		ia = in6ifa_ifpwithaddr(ifp, &sa6->sin6_addr);
432
	} else
433
		ia = NULL;
434

435
	switch (cmd) {
436
	case SIOCSIFADDR_IN6:
437
	case SIOCSIFDSTADDR_IN6:
438
	case SIOCSIFNETMASK_IN6:
439
		/*
440
		 * Since IPv6 allows a node to assign multiple addresses
441
		 * on a single interface, SIOCSIFxxx ioctls are deprecated.
442
		 */
443
		/* we decided to obsolete this command (20000704) */
444
		error = EINVAL;
445
		goto out;
446

447
	case SIOCDIFADDR_IN6:
448
		/*
449
		 * for IPv4, we look for existing in_ifaddr here to allow
450
		 * "ifconfig if0 delete" to remove the first IPv4 address on
451
		 * the interface.  For IPv6, as the spec allows multiple
452
		 * interface address from the day one, we consider "remove the
453
		 * first one" semantics to be not preferable.
454
		 */
455
		if (ia == NULL) {
456
			error = EADDRNOTAVAIL;
457
			goto out;
458
		}
459
		/* FALLTHROUGH */
460
	case SIOCAIFADDR_IN6:
461
		/*
462
		 * We always require users to specify a valid IPv6 address for
463
		 * the corresponding operation.
464
		 */
465
		if (ifra->ifra_addr.sin6_family != AF_INET6 ||
466
		    ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6)) {
467
			error = EAFNOSUPPORT;
468
			goto out;
469
		}
470

471
		if (cred != NULL) {
472
			error = priv_check_cred(cred, (cmd == SIOCDIFADDR_IN6) ?
473
			    PRIV_NET_DELIFADDR : PRIV_NET_ADDIFADDR);
474
			if (error)
475
				goto out;
476
		}
477
		/* FALLTHROUGH */
478
	case SIOCGIFSTAT_IN6:
479
	case SIOCGIFSTAT_ICMP6:
480
		if (ifp->if_inet6 == NULL) {
481
			error = EPFNOSUPPORT;
482
			goto out;
483
		}
484
		break;
485

486
	case SIOCGIFADDR_IN6:
487
		/* This interface is basically deprecated. use SIOCGIFCONF. */
488
		/* FALLTHROUGH */
489
	case SIOCGIFAFLAG_IN6:
490
	case SIOCGIFNETMASK_IN6:
491
	case SIOCGIFDSTADDR_IN6:
492
	case SIOCGIFALIFETIME_IN6:
493
		/* must think again about its semantics */
494
		if (ia == NULL) {
495
			error = EADDRNOTAVAIL;
496
			goto out;
497
		}
498
		break;
499
	}
500

501
	switch (cmd) {
502
	case SIOCGIFADDR_IN6:
503
		ifr->ifr_addr = ia->ia_addr;
504
		if ((error = sa6_recoverscope(&ifr->ifr_addr)) != 0)
505
			goto out;
506
		break;
507

508
	case SIOCGIFDSTADDR_IN6:
509
		if ((ifp->if_flags & IFF_POINTOPOINT) == 0) {
510
			error = EINVAL;
511
			goto out;
512
		}
513
		ifr->ifr_dstaddr = ia->ia_dstaddr;
514
		if ((error = sa6_recoverscope(&ifr->ifr_dstaddr)) != 0)
515
			goto out;
516
		break;
517

518
	case SIOCGIFNETMASK_IN6:
519
		ifr->ifr_addr = ia->ia_prefixmask;
520
		break;
521

522
	case SIOCGIFAFLAG_IN6:
523
		ifr->ifr_ifru.ifru_flags6 = ia->ia6_flags;
524
		break;
525

526
	case SIOCGIFSTAT_IN6:
527
		COUNTER_ARRAY_COPY(ifp->if_inet6->in6_ifstat,
528
		    &ifr->ifr_ifru.ifru_stat,
529
		    sizeof(struct in6_ifstat) / sizeof(uint64_t));
530
		break;
531

532
	case SIOCGIFSTAT_ICMP6:
533
		COUNTER_ARRAY_COPY(ifp->if_inet6->icmp6_ifstat,
534
		    &ifr->ifr_ifru.ifru_icmp6stat,
535
		    sizeof(struct icmp6_ifstat) / sizeof(uint64_t));
536
		break;
537

538
	case SIOCGIFALIFETIME_IN6:
539
		ifr->ifr_ifru.ifru_lifetime = ia->ia6_lifetime;
540
		if (ia->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) {
541
			time_t maxexpire;
542
			struct in6_addrlifetime *retlt =
543
			    &ifr->ifr_ifru.ifru_lifetime;
544

545
			/*
546
			 * XXX: adjust expiration time assuming time_t is
547
			 * signed.
548
			 */
549
			maxexpire = (-1) &
550
			    ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
551
			if (ia->ia6_lifetime.ia6t_vltime <
552
			    maxexpire - ia->ia6_updatetime) {
553
				retlt->ia6t_expire = ia->ia6_updatetime +
554
				    ia->ia6_lifetime.ia6t_vltime;
555
			} else
556
				retlt->ia6t_expire = maxexpire;
557
		}
558
		if (ia->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME) {
559
			time_t maxexpire;
560
			struct in6_addrlifetime *retlt =
561
			    &ifr->ifr_ifru.ifru_lifetime;
562

563
			/*
564
			 * XXX: adjust expiration time assuming time_t is
565
			 * signed.
566
			 */
567
			maxexpire = (-1) &
568
			    ~((time_t)1 << ((sizeof(maxexpire) * 8) - 1));
569
			if (ia->ia6_lifetime.ia6t_pltime <
570
			    maxexpire - ia->ia6_updatetime) {
571
				retlt->ia6t_preferred = ia->ia6_updatetime +
572
				    ia->ia6_lifetime.ia6t_pltime;
573
			} else
574
				retlt->ia6t_preferred = maxexpire;
575
		}
576
		break;
577

578
	case SIOCAIFADDR_IN6:
579
#ifdef MAC
580
		/* Check if a MAC policy disallows setting the IPv6 address. */
581
		error = mac_inet6_check_add_addr(cred, &sa6->sin6_addr, ifp);
582
		if (error != 0)
583
			goto out;
584
#endif
585
		error = in6_addifaddr(ifp, ifra, ia);
586
		ia = NULL;
587
		goto out;
588

589
	case SIOCDIFADDR_IN6:
590
		in6_purgeifaddr(ia);
591
		EVENTHANDLER_INVOKE(ifaddr_event_ext, ifp, &ia->ia_ifa,
592
		    IFADDR_EVENT_DEL);
593
		break;
594

595
	default:
596
		if (ifp->if_ioctl == NULL) {
597
			error = EOPNOTSUPP;
598
			goto out;
599
		}
600
		error = (*ifp->if_ioctl)(ifp, cmd, data);
601
		goto out;
602
	}
603

604
	error = 0;
605
out:
606
	if (control_locked)
607
		sx_xunlock(&in6_control_sx);
608

609
	if (ia != NULL)
610
		ifa_free(&ia->ia_ifa);
611
	return (error);
612
}
613

614
int
615
in6_control(struct socket *so, u_long cmd, void *data,
616
    struct ifnet *ifp, struct thread *td)
617
{
618
	return (in6_control_ioctl(cmd, data, ifp, td ? td->td_ucred : NULL));
619
}
620

621
static struct in6_multi_mship *
622
in6_joingroup_legacy(struct ifnet *ifp, const struct in6_addr *mcaddr,
623
    int *errorp, int delay)
624
{
625
	struct in6_multi_mship *imm;
626
	int error;
627

628
	imm = malloc(sizeof(*imm), M_IP6MADDR, M_NOWAIT);
629
	if (imm == NULL) {
630
		*errorp = ENOBUFS;
631
		return (NULL);
632
	}
633

634
	delay = (delay * MLD_FASTHZ) / hz;
635

636
	error = in6_joingroup(ifp, mcaddr, NULL, &imm->i6mm_maddr, delay);
637
	if (error) {
638
		*errorp = error;
639
		free(imm, M_IP6MADDR);
640
		return (NULL);
641
	}
642

643
	return (imm);
644
}
645

646
static int
647
in6_solicited_node_maddr(struct in6_addr *maddr,
648
    struct ifnet *ifp, const struct in6_addr *base)
649
{
650
	int error;
651

652
	bzero(maddr, sizeof(struct in6_addr));
653
	maddr->s6_addr32[0] = IPV6_ADDR_INT32_MLL;
654
	maddr->s6_addr32[2] = htonl(1);
655
	maddr->s6_addr32[3] = base->s6_addr32[3];
656
	maddr->s6_addr8[12] = 0xff;
657
	if ((error = in6_setscope(maddr, ifp, NULL)) != 0) {
658
		/* XXX: should not happen */
659
		log(LOG_ERR, "%s: in6_setscope failed\n", __func__);
660
	}
661

662
	return error;
663
}
664

665
/*
666
 * Join necessary multicast groups.  Factored out from in6_update_ifa().
667
 * This entire work should only be done once, for the default FIB.
668
 */
669
static int
670
in6_update_ifa_join_mc(struct ifnet *ifp, struct in6_aliasreq *ifra,
671
    struct in6_ifaddr *ia, int flags, struct in6_multi **in6m_sol)
672
{
673
	char ip6buf[INET6_ADDRSTRLEN];
674
	struct in6_addr mltaddr;
675
	struct in6_multi_mship *imm;
676
	int delay, error;
677

678
	KASSERT(in6m_sol != NULL, ("%s: in6m_sol is NULL", __func__));
679

680
	/* Join solicited multicast addr for new host id. */
681
	if ((error = in6_solicited_node_maddr(&mltaddr, ifp,
682
	    &ifra->ifra_addr.sin6_addr)) != 0)
683
		goto cleanup;
684
	delay = error = 0;
685
	if ((flags & IN6_IFAUPDATE_DADDELAY)) {
686
		/*
687
		 * We need a random delay for DAD on the address being
688
		 * configured.  It also means delaying transmission of the
689
		 * corresponding MLD report to avoid report collision.
690
		 * [RFC 4861, Section 6.3.7]
691
		 */
692
		delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
693
	}
694
	imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
695
	if (imm == NULL) {
696
		nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
697
		    "(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &mltaddr),
698
		    if_name(ifp), error));
699
		goto cleanup;
700
	}
701
	LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
702
	*in6m_sol = imm->i6mm_maddr;
703

704
	/*
705
	 * Join link-local all-nodes address.
706
	 */
707
	mltaddr = in6addr_linklocal_allnodes;
708
	if ((error = in6_setscope(&mltaddr, ifp, NULL)) != 0)
709
		goto cleanup; /* XXX: should not fail */
710

711
	imm = in6_joingroup_legacy(ifp, &mltaddr, &error, 0);
712
	if (imm == NULL) {
713
		nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
714
		    "(errno=%d)\n", __func__, ip6_sprintf(ip6buf, &mltaddr),
715
		    if_name(ifp), error));
716
		goto cleanup;
717
	}
718
	LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
719

720
	/*
721
	 * Join node information group address.
722
	 */
723
	delay = 0;
724
	if ((flags & IN6_IFAUPDATE_DADDELAY)) {
725
		/*
726
		 * The spec does not say anything about delay for this group,
727
		 * but the same logic should apply.
728
		 */
729
		delay = arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz);
730
	}
731
	if (in6_nigroup(ifp, NULL, -1, &mltaddr) == 0) {
732
		/* XXX jinmei */
733
		imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
734
		if (imm == NULL)
735
			nd6log((LOG_WARNING,
736
			    "%s: in6_joingroup failed for %s on %s "
737
			    "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
738
			    &mltaddr), if_name(ifp), error));
739
			/* XXX not very fatal, go on... */
740
		else
741
			LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
742
	}
743
	if (V_icmp6_nodeinfo_oldmcprefix &&
744
	    in6_nigroup_oldmcprefix(ifp, NULL, -1, &mltaddr) == 0) {
745
		imm = in6_joingroup_legacy(ifp, &mltaddr, &error, delay);
746
		if (imm == NULL)
747
			nd6log((LOG_WARNING,
748
			    "%s: in6_joingroup failed for %s on %s "
749
			    "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
750
			    &mltaddr), if_name(ifp), error));
751
			/* XXX not very fatal, go on... */
752
		else
753
			LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
754
	}
755

756
	/*
757
	 * Join interface-local all-nodes address.
758
	 * (ff01::1%ifN, and ff01::%ifN/32)
759
	 */
760
	mltaddr = in6addr_nodelocal_allnodes;
761
	if ((error = in6_setscope(&mltaddr, ifp, NULL)) != 0)
762
		goto cleanup; /* XXX: should not fail */
763

764
	imm = in6_joingroup_legacy(ifp, &mltaddr, &error, 0);
765
	if (imm == NULL) {
766
		nd6log((LOG_WARNING, "%s: in6_joingroup failed for %s on %s "
767
		    "(errno=%d)\n", __func__, ip6_sprintf(ip6buf,
768
		    &mltaddr), if_name(ifp), error));
769
		goto cleanup;
770
	}
771
	LIST_INSERT_HEAD(&ia->ia6_memberships, imm, i6mm_chain);
772

773
cleanup:
774
	return (error);
775
}
776

777
/*
778
 * Update parameters of an IPv6 interface address.
779
 * If necessary, a new entry is created and linked into address chains.
780
 * This function is separated from in6_control().
781
 */
782
int
783
in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
784
    struct in6_ifaddr *ia, int flags)
785
{
786
	int error, hostIsNew = 0;
787

788
	if ((error = in6_validate_ifra(ifp, ifra, ia, flags)) != 0)
789
		return (error);
790

791
	if (ia == NULL) {
792
		hostIsNew = 1;
793
		if ((ia = in6_alloc_ifa(ifp, ifra, flags)) == NULL)
794
			return (ENOBUFS);
795
	}
796

797
	error = in6_update_ifa_internal(ifp, ifra, ia, hostIsNew, flags);
798
	if (error != 0) {
799
		if (hostIsNew != 0) {
800
			in6_unlink_ifa(ia, ifp);
801
			ifa_free(&ia->ia_ifa);
802
		}
803
		return (error);
804
	}
805

806
	if (hostIsNew)
807
		error = in6_broadcast_ifa(ifp, ifra, ia, flags);
808

809
	return (error);
810
}
811

812
/*
813
 * Fill in basic IPv6 address request info.
814
 */
815
void
816
in6_prepare_ifra(struct in6_aliasreq *ifra, const struct in6_addr *addr,
817
    const struct in6_addr *mask)
818
{
819

820
	memset(ifra, 0, sizeof(struct in6_aliasreq));
821

822
	ifra->ifra_addr.sin6_family = AF_INET6;
823
	ifra->ifra_addr.sin6_len = sizeof(struct sockaddr_in6);
824
	if (addr != NULL)
825
		ifra->ifra_addr.sin6_addr = *addr;
826

827
	ifra->ifra_prefixmask.sin6_family = AF_INET6;
828
	ifra->ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
829
	if (mask != NULL)
830
		ifra->ifra_prefixmask.sin6_addr = *mask;
831
}
832

833
static int
834
in6_validate_ifra(struct ifnet *ifp, struct in6_aliasreq *ifra,
835
    struct in6_ifaddr *ia, int flags)
836
{
837
	int plen = -1;
838
	struct sockaddr_in6 dst6;
839
	struct in6_addrlifetime *lt;
840
	char ip6buf[INET6_ADDRSTRLEN];
841

842
	/* Validate parameters */
843
	if (ifp == NULL || ifra == NULL) /* this maybe redundant */
844
		return (EINVAL);
845

846
	/*
847
	 * The destination address for a p2p link must have a family
848
	 * of AF_UNSPEC or AF_INET6.
849
	 */
850
	if ((ifp->if_flags & IFF_POINTOPOINT) != 0 &&
851
	    ifra->ifra_dstaddr.sin6_family != AF_INET6 &&
852
	    ifra->ifra_dstaddr.sin6_family != AF_UNSPEC)
853
		return (EAFNOSUPPORT);
854

855
	/*
856
	 * Validate address
857
	 */
858
	if (ifra->ifra_addr.sin6_len != sizeof(struct sockaddr_in6) ||
859
	    ifra->ifra_addr.sin6_family != AF_INET6)
860
		return (EINVAL);
861

862
	/*
863
	 * validate ifra_prefixmask.  don't check sin6_family, netmask
864
	 * does not carry fields other than sin6_len.
865
	 */
866
	if (ifra->ifra_prefixmask.sin6_len > sizeof(struct sockaddr_in6))
867
		return (EINVAL);
868
	/*
869
	 * Because the IPv6 address architecture is classless, we require
870
	 * users to specify a (non 0) prefix length (mask) for a new address.
871
	 * We also require the prefix (when specified) mask is valid, and thus
872
	 * reject a non-consecutive mask.
873
	 */
874
	if (ia == NULL && ifra->ifra_prefixmask.sin6_len == 0)
875
		return (EINVAL);
876
	if (ifra->ifra_prefixmask.sin6_len != 0) {
877
		plen = in6_mask2len(&ifra->ifra_prefixmask.sin6_addr,
878
		    (u_char *)&ifra->ifra_prefixmask +
879
		    ifra->ifra_prefixmask.sin6_len);
880
		if (plen <= 0)
881
			return (EINVAL);
882
	} else {
883
		/*
884
		 * In this case, ia must not be NULL.  We just use its prefix
885
		 * length.
886
		 */
887
		plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL);
888
	}
889
	/*
890
	 * If the destination address on a p2p interface is specified,
891
	 * and the address is a scoped one, validate/set the scope
892
	 * zone identifier.
893
	 */
894
	dst6 = ifra->ifra_dstaddr;
895
	if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) != 0 &&
896
	    (dst6.sin6_family == AF_INET6)) {
897
		struct in6_addr in6_tmp;
898
		u_int32_t zoneid;
899

900
		in6_tmp = dst6.sin6_addr;
901
		if (in6_setscope(&in6_tmp, ifp, &zoneid))
902
			return (EINVAL); /* XXX: should be impossible */
903

904
		if (dst6.sin6_scope_id != 0) {
905
			if (dst6.sin6_scope_id != zoneid)
906
				return (EINVAL);
907
		} else		/* user omit to specify the ID. */
908
			dst6.sin6_scope_id = zoneid;
909

910
		/* convert into the internal form */
911
		if (sa6_embedscope(&dst6, 0))
912
			return (EINVAL); /* XXX: should be impossible */
913
	}
914
	/* Modify original ifra_dstaddr to reflect changes */
915
	ifra->ifra_dstaddr = dst6;
916

917
	/*
918
	 * The destination address can be specified only for a p2p or a
919
	 * loopback interface.  If specified, the corresponding prefix length
920
	 * must be 128.
921
	 */
922
	if (ifra->ifra_dstaddr.sin6_family == AF_INET6) {
923
		if ((ifp->if_flags & (IFF_POINTOPOINT|IFF_LOOPBACK)) == 0) {
924
			/* XXX: noisy message */
925
			nd6log((LOG_INFO, "in6_update_ifa: a destination can "
926
			    "be specified for a p2p or a loopback IF only\n"));
927
			return (EINVAL);
928
		}
929
		if (plen != 128) {
930
			nd6log((LOG_INFO, "in6_update_ifa: prefixlen should "
931
			    "be 128 when dstaddr is specified\n"));
932
			return (EINVAL);
933
		}
934
	}
935
	/* lifetime consistency check */
936
	lt = &ifra->ifra_lifetime;
937
	if (lt->ia6t_pltime > lt->ia6t_vltime)
938
		return (EINVAL);
939
	if (lt->ia6t_vltime == 0) {
940
		/*
941
		 * the following log might be noisy, but this is a typical
942
		 * configuration mistake or a tool's bug.
943
		 */
944
		nd6log((LOG_INFO,
945
		    "in6_update_ifa: valid lifetime is 0 for %s\n",
946
		    ip6_sprintf(ip6buf, &ifra->ifra_addr.sin6_addr)));
947

948
		if (ia == NULL)
949
			return (0); /* there's nothing to do */
950
	}
951

952
	/* Check prefix mask */
953
	if (ia != NULL && ifra->ifra_prefixmask.sin6_len != 0) {
954
		/*
955
		 * We prohibit changing the prefix length of an existing
956
		 * address, because
957
		 * + such an operation should be rare in IPv6, and
958
		 * + the operation would confuse prefix management.
959
		 */
960
		if (ia->ia_prefixmask.sin6_len != 0 &&
961
		    in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL) != plen) {
962
			nd6log((LOG_INFO, "in6_validate_ifa: the prefix length "
963
			    "of an existing %s address should not be changed\n",
964
			    ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
965

966
			return (EINVAL);
967
		}
968
	}
969

970
	return (0);
971
}
972

973
/*
974
 * Allocate a new ifaddr and link it into chains.
975
 */
976
static struct in6_ifaddr *
977
in6_alloc_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, int flags)
978
{
979
	struct in6_ifaddr *ia;
980

981
	/*
982
	 * When in6_alloc_ifa() is called in a process of a received
983
	 * RA, it is called under an interrupt context.  So, we should
984
	 * call malloc with M_NOWAIT.
985
	 */
986
	ia = (struct in6_ifaddr *)ifa_alloc(sizeof(*ia), M_NOWAIT);
987
	if (ia == NULL)
988
		return (NULL);
989
	LIST_INIT(&ia->ia6_memberships);
990
	/* Initialize the address and masks, and put time stamp */
991
	ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
992
	ia->ia_addr.sin6_family = AF_INET6;
993
	ia->ia_addr.sin6_len = sizeof(ia->ia_addr);
994
	/* XXX: Can we assign ,sin6_addr and skip the rest? */
995
	ia->ia_addr = ifra->ifra_addr;
996
	ia->ia6_createtime = time_uptime;
997
	if ((ifp->if_flags & (IFF_POINTOPOINT | IFF_LOOPBACK)) != 0) {
998
		/*
999
		 * Some functions expect that ifa_dstaddr is not
1000
		 * NULL for p2p interfaces.
1001
		 */
1002
		ia->ia_ifa.ifa_dstaddr =
1003
		    (struct sockaddr *)&ia->ia_dstaddr;
1004
	} else {
1005
		ia->ia_ifa.ifa_dstaddr = NULL;
1006
	}
1007

1008
	/* set prefix mask if any */
1009
	ia->ia_ifa.ifa_netmask = (struct sockaddr *)&ia->ia_prefixmask;
1010
	if (ifra->ifra_prefixmask.sin6_len != 0) {
1011
		ia->ia_prefixmask.sin6_family = AF_INET6;
1012
		ia->ia_prefixmask.sin6_len = ifra->ifra_prefixmask.sin6_len;
1013
		ia->ia_prefixmask.sin6_addr = ifra->ifra_prefixmask.sin6_addr;
1014
	}
1015

1016
	ia->ia_ifp = ifp;
1017
	ifa_ref(&ia->ia_ifa);			/* if_addrhead */
1018
	IF_ADDR_WLOCK(ifp);
1019
	CK_STAILQ_INSERT_TAIL(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
1020
	IF_ADDR_WUNLOCK(ifp);
1021

1022
	ifa_ref(&ia->ia_ifa);			/* in6_ifaddrhead */
1023
	IN6_IFADDR_WLOCK();
1024
	CK_STAILQ_INSERT_TAIL(&V_in6_ifaddrhead, ia, ia_link);
1025
	CK_LIST_INSERT_HEAD(IN6ADDR_HASH(&ia->ia_addr.sin6_addr), ia, ia6_hash);
1026
	IN6_IFADDR_WUNLOCK();
1027

1028
	return (ia);
1029
}
1030

1031
time_t
1032
in6_expire_time(uint32_t ltime)
1033
{
1034
	if (ltime == ND6_INFINITE_LIFETIME)
1035
		return (0);
1036
	else
1037
		return (time_uptime + ltime);
1038
}
1039

1040
/*
1041
 * Update/configure interface address parameters:
1042
 *
1043
 * 1) Update lifetime
1044
 * 2) Update interface metric ad flags
1045
 * 3) Notify other subsystems
1046
 */
1047
static int
1048
in6_update_ifa_internal(struct ifnet *ifp, struct in6_aliasreq *ifra,
1049
    struct in6_ifaddr *ia, int hostIsNew, int flags)
1050
{
1051
	int error;
1052

1053
	/* update timestamp */
1054
	ia->ia6_updatetime = time_uptime;
1055

1056
	/*
1057
	 * Set lifetimes.  We do not refer to ia6t_expire and ia6t_preferred
1058
	 * to see if the address is deprecated or invalidated, but initialize
1059
	 * these members for applications.
1060
	 */
1061
	ia->ia6_lifetime = ifra->ifra_lifetime;
1062
	ia->ia6_lifetime.ia6t_expire =
1063
	    in6_expire_time(ifra->ifra_lifetime.ia6t_vltime);
1064
	ia->ia6_lifetime.ia6t_preferred =
1065
	    in6_expire_time(ifra->ifra_lifetime.ia6t_pltime);
1066

1067
	/*
1068
	 * backward compatibility - if IN6_IFF_DEPRECATED is set from the
1069
	 * userland, make it deprecated.
1070
	 */
1071
	if ((ifra->ifra_flags & IN6_IFF_DEPRECATED) != 0) {
1072
		ia->ia6_lifetime.ia6t_pltime = 0;
1073
		ia->ia6_lifetime.ia6t_preferred = time_uptime;
1074
	}
1075

1076
	/*
1077
	 * configure address flags.
1078
	 */
1079
	ia->ia6_flags = ifra->ifra_flags;
1080

1081
	/*
1082
	 * Make the address tentative before joining multicast addresses,
1083
	 * so that corresponding MLD responses would not have a tentative
1084
	 * source address.
1085
	 */
1086
	ia->ia6_flags &= ~IN6_IFF_DUPLICATED;	/* safety */
1087

1088
	/*
1089
	 * DAD should be performed for an new address or addresses on
1090
	 * an interface with ND6_IFF_IFDISABLED.
1091
	 */
1092
	if (in6if_do_dad(ifp) &&
1093
	    (hostIsNew || (ifp->if_inet6->nd_flags & ND6_IFF_IFDISABLED)))
1094
		ia->ia6_flags |= IN6_IFF_TENTATIVE;
1095

1096
	/* notify other subsystems */
1097
	error = in6_notify_ifa(ifp, ia, ifra, hostIsNew);
1098

1099
	return (error);
1100
}
1101

1102
/*
1103
 * Do link-level ifa job:
1104
 * 1) Add lle entry for added address
1105
 * 2) Notifies routing socket users about new address
1106
 * 3) join appropriate multicast group
1107
 * 4) start DAD if enabled
1108
 */
1109
static int
1110
in6_broadcast_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
1111
    struct in6_ifaddr *ia, int flags)
1112
{
1113
	struct in6_multi *in6m_sol;
1114
	int error = 0;
1115

1116
	/* Add local address to lltable, if necessary (ex. on p2p link). */
1117
	if ((error = nd6_add_ifa_lle(ia)) != 0) {
1118
		in6_purgeaddr(&ia->ia_ifa);
1119
		ifa_free(&ia->ia_ifa);
1120
		return (error);
1121
	}
1122

1123
	/* Join necessary multicast groups. */
1124
	in6m_sol = NULL;
1125
	if ((ifp->if_flags & IFF_MULTICAST) != 0) {
1126
		error = in6_update_ifa_join_mc(ifp, ifra, ia, flags, &in6m_sol);
1127
		if (error != 0) {
1128
			in6_purgeaddr(&ia->ia_ifa);
1129
			ifa_free(&ia->ia_ifa);
1130
			return (error);
1131
		}
1132
	}
1133

1134
	/* Perform DAD, if the address is TENTATIVE. */
1135
	if ((ia->ia6_flags & IN6_IFF_TENTATIVE)) {
1136
		int delay, mindelay, maxdelay;
1137

1138
		delay = 0;
1139
		if ((flags & IN6_IFAUPDATE_DADDELAY)) {
1140
			/*
1141
			 * We need to impose a delay before sending an NS
1142
			 * for DAD.  Check if we also needed a delay for the
1143
			 * corresponding MLD message.  If we did, the delay
1144
			 * should be larger than the MLD delay (this could be
1145
			 * relaxed a bit, but this simple logic is at least
1146
			 * safe).
1147
			 * XXX: Break data hiding guidelines and look at
1148
			 * state for the solicited multicast group.
1149
			 */
1150
			mindelay = 0;
1151
			if (in6m_sol != NULL &&
1152
			    in6m_sol->in6m_state == MLD_REPORTING_MEMBER) {
1153
				mindelay = in6m_sol->in6m_timer;
1154
			}
1155
			maxdelay = MAX_RTR_SOLICITATION_DELAY * hz;
1156
			if (maxdelay - mindelay == 0)
1157
				delay = 0;
1158
			else {
1159
				delay =
1160
				    (arc4random() % (maxdelay - mindelay)) +
1161
				    mindelay;
1162
			}
1163
		}
1164
		nd6_dad_start((struct ifaddr *)ia, delay);
1165
	}
1166

1167
	in6_newaddrmsg(ia, RTM_ADD);
1168
	ifa_free(&ia->ia_ifa);
1169
	return (error);
1170
}
1171

1172
/*
1173
 * Adds or deletes interface route for p2p ifa.
1174
 * Returns 0 on success or errno.
1175
 */
1176
static int
1177
in6_handle_dstaddr_rtrequest(int cmd, struct in6_ifaddr *ia)
1178
{
1179
	struct epoch_tracker et;
1180
	struct ifaddr *ifa = &ia->ia_ifa;
1181
	int error;
1182

1183
	/* Prepare gateway */
1184
	struct sockaddr_dl_short sdl = {
1185
		.sdl_family = AF_LINK,
1186
		.sdl_len = sizeof(struct sockaddr_dl_short),
1187
		.sdl_type = ifa->ifa_ifp->if_type,
1188
		.sdl_index = ifa->ifa_ifp->if_index,
1189
	};
1190

1191
	struct sockaddr_in6 dst = {
1192
		.sin6_family = AF_INET6,
1193
		.sin6_len = sizeof(struct sockaddr_in6),
1194
		.sin6_addr = ia->ia_dstaddr.sin6_addr,
1195
	};
1196

1197
	struct rt_addrinfo info = {
1198
		.rti_ifa = ifa,
1199
		.rti_ifp = ifa->ifa_ifp,
1200
		.rti_flags = RTF_PINNED | RTF_HOST,
1201
		.rti_info = {
1202
			[RTAX_DST] = (struct sockaddr *)&dst,
1203
			[RTAX_GATEWAY] = (struct sockaddr *)&sdl,
1204
		},
1205
	};
1206
	/* Don't set additional per-gw filters on removal */
1207

1208
	NET_EPOCH_ENTER(et);
1209
	error = rib_handle_ifaddr_info(ifa->ifa_ifp->if_fib, cmd, &info);
1210
	NET_EPOCH_EXIT(et);
1211

1212
	return (error);
1213
}
1214

1215
static bool
1216
ifa_is_p2p(struct in6_ifaddr *ia)
1217
{
1218
	int plen;
1219

1220
	plen = in6_mask2len(&ia->ia_prefixmask.sin6_addr, NULL); /* XXX */
1221

1222
	if ((plen == 128) && (ia->ia_dstaddr.sin6_family == AF_INET6) &&
1223
	    !IN6_ARE_ADDR_EQUAL(&ia->ia_addr.sin6_addr, &ia->ia_dstaddr.sin6_addr))
1224
		return (true);
1225

1226
	return (false);
1227
}
1228

1229
int
1230
in6_addifaddr(struct ifnet *ifp, struct in6_aliasreq *ifra, struct in6_ifaddr *ia)
1231
{
1232
	struct nd_prefixctl pr0;
1233
	struct nd_prefix *pr;
1234
	int carp_attached = 0;
1235
	int error;
1236

1237
	/*
1238
	 * Check if bridge wants to allow adding addrs to member interfaces.
1239
	 */
1240
	if (ifp->if_bridge != NULL && ifp->if_type != IFT_GIF &&
1241
	    bridge_member_ifaddrs_p != NULL) {
1242
		if (bridge_member_ifaddrs_p()) {
1243
			if_printf(ifp, "WARNING: Assigning an IP address to "
1244
			    "an interface which is also a bridge member is "
1245
			    "deprecated and will be unsupported in a future "
1246
			    "release.\n");
1247
		} else {
1248
			error = EINVAL;
1249
			goto out;
1250
		}
1251
	}
1252

1253
	/*
1254
	 * first, make or update the interface address structure,
1255
	 * and link it to the list.
1256
	 */
1257
	if ((error = in6_update_ifa(ifp, ifra, ia, 0)) != 0)
1258
		goto out;
1259
	if (ia != NULL) {
1260
		if (ia->ia_ifa.ifa_carp)
1261
			(*carp_detach_p)(&ia->ia_ifa, true);
1262
		ifa_free(&ia->ia_ifa);
1263
	}
1264
	if ((ia = in6ifa_ifpwithaddr(ifp, &ifra->ifra_addr.sin6_addr)) == NULL) {
1265
		/*
1266
		 * this can happen when the user specify the 0 valid
1267
		 * lifetime.
1268
		 */
1269
		return (0);
1270
	}
1271

1272
	if (ifra->ifra_vhid > 0) {
1273
		if (carp_attach_p != NULL)
1274
			error = (*carp_attach_p)(&ia->ia_ifa,
1275
			    ifra->ifra_vhid);
1276
		else
1277
			error = EPROTONOSUPPORT;
1278
		if (error)
1279
			goto out;
1280
		else
1281
			carp_attached = 1;
1282
	}
1283

1284
	/*
1285
	 * then, make the prefix on-link on the interface.
1286
	 * XXX: we'd rather create the prefix before the address, but
1287
	 * we need at least one address to install the corresponding
1288
	 * interface route, so we configure the address first.
1289
	 */
1290

1291
	/*
1292
	 * convert mask to prefix length (prefixmask has already
1293
	 * been validated in in6_update_ifa().
1294
	 */
1295
	bzero(&pr0, sizeof(pr0));
1296
	pr0.ndpr_ifp = ifp;
1297
	pr0.ndpr_plen = ia->ia_plen =
1298
	    in6_mask2len(&ifra->ifra_prefixmask.sin6_addr, NULL);
1299
	if (pr0.ndpr_plen == 128) {
1300
		/* we don't need to install a host route. */
1301
		goto aifaddr_out;
1302
	}
1303
	pr0.ndpr_prefix = ifra->ifra_addr;
1304
	/* apply the mask for safety. */
1305
	IN6_MASK_ADDR(&pr0.ndpr_prefix.sin6_addr,
1306
	    &ifra->ifra_prefixmask.sin6_addr);
1307

1308
	/*
1309
	 * XXX: since we don't have an API to set prefix (not address)
1310
	 * lifetimes, we just use the same lifetimes as addresses.
1311
	 * The (temporarily) installed lifetimes can be overridden by
1312
	 * later advertised RAs (when accept_rtadv is non 0), which is
1313
	 * an intended behavior.
1314
	 */
1315
	pr0.ndpr_raf_onlink = 1; /* should be configurable? */
1316
	pr0.ndpr_raf_auto =
1317
	    ((ifra->ifra_flags & IN6_IFF_AUTOCONF) != 0);
1318
	pr0.ndpr_vltime = ifra->ifra_lifetime.ia6t_vltime;
1319
	pr0.ndpr_pltime = ifra->ifra_lifetime.ia6t_pltime;
1320

1321
	/* add the prefix if not yet. */
1322
	if ((pr = nd6_prefix_lookup(&pr0)) == NULL) {
1323
		/*
1324
		 * nd6_prelist_add will install the corresponding
1325
		 * interface route.
1326
		 */
1327
		if ((error = nd6_prelist_add(&pr0, NULL, &pr)) != 0) {
1328
			if (carp_attached)
1329
				(*carp_detach_p)(&ia->ia_ifa, false);
1330
			goto out;
1331
		}
1332
	} else if (pr->ndpr_raf_onlink) {
1333
		time_t expiry;
1334

1335
		/*
1336
		 * If the prefix already exists, update lifetimes, but avoid
1337
		 * shortening them.
1338
		 */
1339
		ND6_WLOCK();
1340
		expiry = in6_expire_time(pr0.ndpr_pltime);
1341
		if (pr->ndpr_preferred != 0 &&
1342
		    (pr->ndpr_preferred < expiry || expiry == 0)) {
1343
			pr->ndpr_pltime = pr0.ndpr_pltime;
1344
			pr->ndpr_preferred = expiry;
1345
		}
1346
		expiry = in6_expire_time(pr0.ndpr_vltime);
1347
		if (pr->ndpr_expire != 0 &&
1348
		    (pr->ndpr_expire < expiry || expiry == 0)) {
1349
			pr->ndpr_vltime = pr0.ndpr_vltime;
1350
			pr->ndpr_expire = expiry;
1351
		}
1352
		pr->ndpr_lastupdate = time_uptime;
1353
		ND6_WUNLOCK();
1354
	}
1355

1356
	/* relate the address to the prefix */
1357
	if (ia->ia6_ndpr == NULL) {
1358
		ia->ia6_ndpr = pr;
1359
		pr->ndpr_addrcnt++;
1360

1361
		/*
1362
		 * If this is the first autoconf address from the
1363
		 * prefix, create a temporary address as well
1364
		 * (when required).
1365
		 */
1366
		if ((ia->ia6_flags & IN6_IFF_AUTOCONF) &&
1367
		    V_ip6_use_tempaddr && pr->ndpr_addrcnt == 1) {
1368
			int e;
1369
			if ((e = in6_tmpifadd(ia, 1, 0)) != 0) {
1370
				log(LOG_NOTICE, "in6_control: failed "
1371
				    "to create a temporary address, "
1372
				    "errno=%d\n", e);
1373
			}
1374
		}
1375
	}
1376
	nd6_prefix_rele(pr);
1377

1378
	/*
1379
	 * this might affect the status of autoconfigured addresses,
1380
	 * that is, this address might make other addresses detached.
1381
	 */
1382
	pfxlist_onlink_check();
1383

1384
aifaddr_out:
1385
	/*
1386
	 * Try to clear the flag when a new IPv6 address is added
1387
	 * onto an IFDISABLED interface and it succeeds.
1388
	 */
1389
	if (ifp->if_inet6->nd_flags & ND6_IFF_IFDISABLED) {
1390
		struct in6_ndireq nd;
1391

1392
		memset(&nd, 0, sizeof(nd));
1393
		nd.ndi.flags = ifp->if_inet6->nd_flags;
1394
		nd.ndi.flags &= ~ND6_IFF_IFDISABLED;
1395
		if (nd6_ioctl(SIOCSIFINFO_FLAGS, (caddr_t)&nd, ifp) < 0)
1396
			log(LOG_NOTICE, "SIOCAIFADDR_IN6: "
1397
			    "SIOCSIFINFO_FLAGS for -ifdisabled "
1398
			    "failed.");
1399
		/*
1400
		 * Ignore failure of clearing the flag intentionally.
1401
		 * The failure means address duplication was detected.
1402
		 */
1403
	}
1404
	error = 0;
1405

1406
out:
1407
	if (ia != NULL)
1408
		ifa_free(&ia->ia_ifa);
1409
	return (error);
1410
}
1411

1412
void
1413
in6_purgeaddr(struct ifaddr *ifa)
1414
{
1415
	struct ifnet *ifp = ifa->ifa_ifp;
1416
	struct in6_ifaddr *ia = (struct in6_ifaddr *) ifa;
1417
	struct in6_multi_mship *imm;
1418
	int error;
1419

1420
	if (ifa->ifa_carp)
1421
		(*carp_detach_p)(ifa, false);
1422

1423
	/*
1424
	 * Remove the loopback route to the interface address.
1425
	 * The check for the current setting of "nd6_useloopback"
1426
	 * is not needed.
1427
	 */
1428
	if (ia->ia_flags & IFA_RTSELF) {
1429
		error = ifa_del_loopback_route((struct ifaddr *)ia,
1430
		    (struct sockaddr *)&ia->ia_addr);
1431
		if (error == 0)
1432
			ia->ia_flags &= ~IFA_RTSELF;
1433
	}
1434

1435
	/* stop DAD processing */
1436
	nd6_dad_stop(ifa);
1437

1438
	/* Leave multicast groups. */
1439
	while ((imm = LIST_FIRST(&ia->ia6_memberships)) != NULL) {
1440
		LIST_REMOVE(imm, i6mm_chain);
1441
		if (imm->i6mm_maddr != NULL)
1442
			in6_leavegroup(imm->i6mm_maddr, NULL);
1443
		free(imm, M_IP6MADDR);
1444
	}
1445
	/* Check if we need to remove p2p route */
1446
	if ((ia->ia_flags & IFA_ROUTE) && ifa_is_p2p(ia)) {
1447
		error = in6_handle_dstaddr_rtrequest(RTM_DELETE, ia);
1448
		if (error != 0)
1449
			log(LOG_INFO, "%s: err=%d, destination address delete "
1450
			    "failed\n", __func__, error);
1451
		ia->ia_flags &= ~IFA_ROUTE;
1452
	}
1453

1454
	in6_newaddrmsg(ia, RTM_DELETE);
1455
	in6_unlink_ifa(ia, ifp);
1456
}
1457

1458
/*
1459
 * Removes @ia from the corresponding interfaces and unlinks corresponding
1460
 *  prefix if no addresses are using it anymore.
1461
 */
1462
void
1463
in6_purgeifaddr(struct in6_ifaddr *ia)
1464
{
1465
	struct nd_prefix *pr;
1466

1467
	/*
1468
	 * If the address being deleted is the only one that owns
1469
	 * the corresponding prefix, expire the prefix as well.
1470
	 * XXX: theoretically, we don't have to worry about such
1471
	 * relationship, since we separate the address management
1472
	 * and the prefix management.  We do this, however, to provide
1473
	 * as much backward compatibility as possible in terms of
1474
	 * the ioctl operation.
1475
	 * Note that in6_purgeaddr() will decrement ndpr_addrcnt.
1476
	 */
1477
	pr = ia->ia6_ndpr;
1478
	in6_purgeaddr(&ia->ia_ifa);
1479
	if (pr != NULL && pr->ndpr_addrcnt == 0) {
1480
		ND6_WLOCK();
1481
		nd6_prefix_unlink(pr, NULL);
1482
		ND6_WUNLOCK();
1483
		nd6_prefix_del(pr);
1484
	}
1485
}
1486

1487

1488
static void
1489
in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
1490
{
1491
	char ip6buf[INET6_ADDRSTRLEN];
1492
	int remove_lle;
1493

1494
	IF_ADDR_WLOCK(ifp);
1495
	CK_STAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifaddr, ifa_link);
1496
	IF_ADDR_WUNLOCK(ifp);
1497
	ifa_free(&ia->ia_ifa);			/* if_addrhead */
1498

1499
	/*
1500
	 * Defer the release of what might be the last reference to the
1501
	 * in6_ifaddr so that it can't be freed before the remainder of the
1502
	 * cleanup.
1503
	 */
1504
	IN6_IFADDR_WLOCK();
1505
	CK_STAILQ_REMOVE(&V_in6_ifaddrhead, ia, in6_ifaddr, ia_link);
1506
	CK_LIST_REMOVE(ia, ia6_hash);
1507
	IN6_IFADDR_WUNLOCK();
1508

1509
	/*
1510
	 * Release the reference to the base prefix.  There should be a
1511
	 * positive reference.
1512
	 */
1513
	remove_lle = 0;
1514
	if (ia->ia6_ndpr != NULL) {
1515
		ia->ia6_ndpr->ndpr_addrcnt--;
1516
		/* Do not delete lles within prefix if refcont != 0 */
1517
		if (ia->ia6_ndpr->ndpr_addrcnt == 0)
1518
			remove_lle = 1;
1519
		ia->ia6_ndpr = NULL;
1520
	} else if (ia->ia_plen < 128) {
1521
		nd6log((LOG_NOTICE,
1522
		    "in6_unlink_ifa: autoconf'ed address "
1523
		    "%s has no prefix\n", ip6_sprintf(ip6buf, IA6_IN6(ia))));
1524
	}
1525

1526
	nd6_rem_ifa_lle(ia, remove_lle);
1527

1528
	/*
1529
	 * Also, if the address being removed is autoconf'ed, call
1530
	 * pfxlist_onlink_check() since the release might affect the status of
1531
	 * other (detached) addresses.
1532
	 */
1533
	if ((ia->ia6_flags & IN6_IFF_AUTOCONF)) {
1534
		pfxlist_onlink_check();
1535
	}
1536
	ifa_free(&ia->ia_ifa);			/* in6_ifaddrhead */
1537
}
1538

1539
/*
1540
 * Notifies other subsystems about address change/arrival:
1541
 * 1) Notifies device handler on the first IPv6 address assignment
1542
 * 2) Handle routing table changes for P2P links and route
1543
 * 3) Handle routing table changes for address host route
1544
 */
1545
static int
1546
in6_notify_ifa(struct ifnet *ifp, struct in6_ifaddr *ia,
1547
    struct in6_aliasreq *ifra, int hostIsNew)
1548
{
1549
	int	error = 0, ifacount = 0;
1550
	struct ifaddr *ifa;
1551
	struct sockaddr_in6 *pdst;
1552
	char ip6buf[INET6_ADDRSTRLEN];
1553

1554
	/*
1555
	 * Give the interface a chance to initialize
1556
	 * if this is its first address,
1557
	 */
1558
	if (hostIsNew != 0) {
1559
		struct epoch_tracker et;
1560

1561
		NET_EPOCH_ENTER(et);
1562
		CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1563
			if (ifa->ifa_addr->sa_family != AF_INET6)
1564
				continue;
1565
			ifacount++;
1566
		}
1567
		NET_EPOCH_EXIT(et);
1568
	}
1569

1570
	if (ifacount <= 1 && ifp->if_ioctl) {
1571
		error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia);
1572
		if (error)
1573
			goto done;
1574
	}
1575

1576
	/*
1577
	 * If a new destination address is specified, scrub the old one and
1578
	 * install the new destination.  Note that the interface must be
1579
	 * p2p or loopback.
1580
	 */
1581
	pdst = &ifra->ifra_dstaddr;
1582
	if (pdst->sin6_family == AF_INET6 &&
1583
	    !IN6_ARE_ADDR_EQUAL(&pdst->sin6_addr, &ia->ia_dstaddr.sin6_addr)) {
1584
		if ((ia->ia_flags & IFA_ROUTE) != 0 &&
1585
		    (in6_handle_dstaddr_rtrequest(RTM_DELETE, ia) != 0)) {
1586
			nd6log((LOG_ERR, "in6_update_ifa_internal: failed to "
1587
			    "remove a route to the old destination: %s\n",
1588
			    ip6_sprintf(ip6buf, &ia->ia_addr.sin6_addr)));
1589
			/* proceed anyway... */
1590
		} else
1591
			ia->ia_flags &= ~IFA_ROUTE;
1592
		ia->ia_dstaddr = *pdst;
1593
	}
1594

1595
	/*
1596
	 * If a new destination address is specified for a point-to-point
1597
	 * interface, install a route to the destination as an interface
1598
	 * direct route.
1599
	 * XXX: the logic below rejects assigning multiple addresses on a p2p
1600
	 * interface that share the same destination.
1601
	 */
1602
	if (!(ia->ia_flags & IFA_ROUTE) && ifa_is_p2p(ia)) {
1603
		error = in6_handle_dstaddr_rtrequest(RTM_ADD, ia);
1604
		if (error)
1605
			goto done;
1606
		ia->ia_flags |= IFA_ROUTE;
1607
	}
1608

1609
	/*
1610
	 * add a loopback route to self if not exists
1611
	 */
1612
	if (!(ia->ia_flags & IFA_RTSELF) && V_nd6_useloopback) {
1613
		error = ifa_add_loopback_route((struct ifaddr *)ia,
1614
		    (struct sockaddr *)&ia->ia_addr);
1615
		if (error == 0)
1616
			ia->ia_flags |= IFA_RTSELF;
1617
	}
1618
done:
1619
	WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, NULL,
1620
	    "Invoking IPv6 network device address event may sleep");
1621

1622
	ifa_ref(&ia->ia_ifa);
1623
	EVENTHANDLER_INVOKE(ifaddr_event_ext, ifp, &ia->ia_ifa,
1624
	    IFADDR_EVENT_ADD);
1625
	ifa_free(&ia->ia_ifa);
1626

1627
	return (error);
1628
}
1629

1630
/*
1631
 * Find an IPv6 interface link-local address specific to an interface.
1632
 * ifaddr is returned referenced.
1633
 */
1634
struct in6_ifaddr *
1635
in6ifa_ifpforlinklocal(struct ifnet *ifp, int ignoreflags)
1636
{
1637
	struct ifaddr *ifa;
1638

1639
	NET_EPOCH_ASSERT();
1640

1641
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1642
		if (ifa->ifa_addr->sa_family != AF_INET6)
1643
			continue;
1644
		if (IN6_IS_ADDR_LINKLOCAL(IFA_IN6(ifa))) {
1645
			if ((((struct in6_ifaddr *)ifa)->ia6_flags &
1646
			    ignoreflags) != 0)
1647
				continue;
1648
			ifa_ref(ifa);
1649
			break;
1650
		}
1651
	}
1652

1653
	return ((struct in6_ifaddr *)ifa);
1654
}
1655

1656
/*
1657
 * find the interface address corresponding to a given IPv6 address.
1658
 * ifaddr is returned referenced if @referenced flag is set.
1659
 */
1660
struct in6_ifaddr *
1661
in6ifa_ifwithaddr(const struct in6_addr *addr, uint32_t zoneid, bool referenced)
1662
{
1663
	struct rm_priotracker in6_ifa_tracker;
1664
	struct in6_ifaddr *ia;
1665

1666
	IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1667
	CK_LIST_FOREACH(ia, IN6ADDR_HASH(addr), ia6_hash) {
1668
		if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), addr)) {
1669
			if (zoneid != 0 &&
1670
			    zoneid != ia->ia_addr.sin6_scope_id)
1671
				continue;
1672
			if (referenced)
1673
				ifa_ref(&ia->ia_ifa);
1674
			break;
1675
		}
1676
	}
1677
	IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1678
	return (ia);
1679
}
1680

1681
/*
1682
 * find the internet address corresponding to a given interface and address.
1683
 * ifaddr is returned referenced.
1684
 */
1685
struct in6_ifaddr *
1686
in6ifa_ifpwithaddr(struct ifnet *ifp, const struct in6_addr *addr)
1687
{
1688
	struct epoch_tracker et;
1689
	struct ifaddr *ifa;
1690

1691
	NET_EPOCH_ENTER(et);
1692
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1693
		if (ifa->ifa_addr->sa_family != AF_INET6)
1694
			continue;
1695
		if (IN6_ARE_ADDR_EQUAL(addr, IFA_IN6(ifa))) {
1696
			ifa_ref(ifa);
1697
			break;
1698
		}
1699
	}
1700
	NET_EPOCH_EXIT(et);
1701

1702
	return ((struct in6_ifaddr *)ifa);
1703
}
1704

1705
/*
1706
 * Find a link-local scoped address on ifp and return it if any.
1707
 */
1708
struct in6_ifaddr *
1709
in6ifa_llaonifp(struct ifnet *ifp)
1710
{
1711
	struct epoch_tracker et;
1712
	struct sockaddr_in6 *sin6;
1713
	struct ifaddr *ifa;
1714

1715
	if (ifp->if_inet6->nd_flags & ND6_IFF_IFDISABLED)
1716
		return (NULL);
1717
	NET_EPOCH_ENTER(et);
1718
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1719
		if (ifa->ifa_addr->sa_family != AF_INET6)
1720
			continue;
1721
		sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
1722
		if (IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr) ||
1723
		    IN6_IS_ADDR_MC_INTFACELOCAL(&sin6->sin6_addr) ||
1724
		    IN6_IS_ADDR_MC_NODELOCAL(&sin6->sin6_addr))
1725
			break;
1726
	}
1727
	NET_EPOCH_EXIT(et);
1728

1729
	return ((struct in6_ifaddr *)ifa);
1730
}
1731

1732
/*
1733
 * Convert IP6 address to printable (loggable) representation. Caller
1734
 * has to make sure that ip6buf is at least INET6_ADDRSTRLEN long.
1735
 */
1736
static char digits[] = "0123456789abcdef";
1737
char *
1738
ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
1739
{
1740
	int i, cnt = 0, maxcnt = 0, idx = 0, index = 0;
1741
	char *cp;
1742
	const u_int16_t *a = (const u_int16_t *)addr;
1743
	const u_int8_t *d;
1744
	int dcolon = 0, zero = 0;
1745

1746
	cp = ip6buf;
1747

1748
	for (i = 0; i < 8; i++) {
1749
		if (*(a + i) == 0) {
1750
			cnt++;
1751
			if (cnt == 1)
1752
				idx = i;
1753
		}
1754
		else if (maxcnt < cnt) {
1755
			maxcnt = cnt;
1756
			index = idx;
1757
			cnt = 0;
1758
		}
1759
	}
1760
	if (maxcnt < cnt) {
1761
		maxcnt = cnt;
1762
		index = idx;
1763
	}
1764

1765
	for (i = 0; i < 8; i++) {
1766
		if (dcolon == 1) {
1767
			if (*a == 0) {
1768
				if (i == 7)
1769
					*cp++ = ':';
1770
				a++;
1771
				continue;
1772
			} else
1773
				dcolon = 2;
1774
		}
1775
		if (*a == 0) {
1776
			if (dcolon == 0 && *(a + 1) == 0 && i == index) {
1777
				if (i == 0)
1778
					*cp++ = ':';
1779
				*cp++ = ':';
1780
				dcolon = 1;
1781
			} else {
1782
				*cp++ = '0';
1783
				*cp++ = ':';
1784
			}
1785
			a++;
1786
			continue;
1787
		}
1788
		d = (const u_char *)a;
1789
		/* Try to eliminate leading zeros in printout like in :0001. */
1790
		zero = 1;
1791
		*cp = digits[*d >> 4];
1792
		if (*cp != '0') {
1793
			zero = 0;
1794
			cp++;
1795
		}
1796
		*cp = digits[*d++ & 0xf];
1797
		if (zero == 0 || (*cp != '0')) {
1798
			zero = 0;
1799
			cp++;
1800
		}
1801
		*cp = digits[*d >> 4];
1802
		if (zero == 0 || (*cp != '0')) {
1803
			zero = 0;
1804
			cp++;
1805
		}
1806
		*cp++ = digits[*d & 0xf];
1807
		*cp++ = ':';
1808
		a++;
1809
	}
1810
	*--cp = '\0';
1811
	return (ip6buf);
1812
}
1813

1814
int
1815
in6_localaddr(struct in6_addr *in6)
1816
{
1817
	struct rm_priotracker in6_ifa_tracker;
1818
	struct in6_ifaddr *ia;
1819

1820
	if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
1821
		return 1;
1822

1823
	IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1824
	CK_STAILQ_FOREACH(ia, &V_in6_ifaddrhead, ia_link) {
1825
		if (IN6_ARE_MASKED_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr,
1826
		    &ia->ia_prefixmask.sin6_addr)) {
1827
			IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1828
			return 1;
1829
		}
1830
	}
1831
	IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1832

1833
	return (0);
1834
}
1835

1836
/*
1837
 * Return 1 if an internet address is for the local host and configured
1838
 * on one of its interfaces.
1839
 */
1840
int
1841
in6_localip(struct in6_addr *in6)
1842
{
1843
	struct rm_priotracker in6_ifa_tracker;
1844
	struct in6_ifaddr *ia;
1845

1846
	IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1847
	CK_LIST_FOREACH(ia, IN6ADDR_HASH(in6), ia6_hash) {
1848
		if (IN6_ARE_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr)) {
1849
			IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1850
			return (1);
1851
		}
1852
	}
1853
	IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1854
	return (0);
1855
}
1856

1857
/*
1858
 * Like in6_localip(), but FIB-aware and carp(4)-aware.
1859
 */
1860
bool
1861
in6_localip_fib(struct in6_addr *in6, uint16_t fib)
1862
{
1863
	struct rm_priotracker in6_ifa_tracker;
1864
	struct in6_ifaddr *ia;
1865

1866
	IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1867
	CK_LIST_FOREACH(ia, IN6ADDR_HASH(in6), ia6_hash) {
1868
		if (IN6_ARE_ADDR_EQUAL(in6, &ia->ia_addr.sin6_addr) &&
1869
		    (ia->ia_ifa.ifa_carp == NULL ||
1870
		    carp_master_p(&ia->ia_ifa)) &&
1871
		    ia->ia_ifa.ifa_ifp->if_fib == fib) {
1872
			IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1873
			return (true);
1874
		}
1875
	}
1876
	IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1877
	return (false);
1878
}
1879

1880
/*
1881
 * Return 1 if an internet address is configured on an interface.
1882
 */
1883
int
1884
in6_ifhasaddr(struct ifnet *ifp, struct in6_addr *addr)
1885
{
1886
	struct in6_addr in6;
1887
	struct ifaddr *ifa;
1888
	struct in6_ifaddr *ia6;
1889

1890
	NET_EPOCH_ASSERT();
1891

1892
	in6 = *addr;
1893
	if (in6_clearscope(&in6))
1894
		return (0);
1895
	in6_setscope(&in6, ifp, NULL);
1896

1897
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
1898
		if (ifa->ifa_addr->sa_family != AF_INET6)
1899
			continue;
1900
		ia6 = (struct in6_ifaddr *)ifa;
1901
		if (IN6_ARE_ADDR_EQUAL(&ia6->ia_addr.sin6_addr, &in6))
1902
			return (1);
1903
	}
1904

1905
	return (0);
1906
}
1907

1908
int
1909
in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
1910
{
1911
	struct rm_priotracker in6_ifa_tracker;
1912
	struct in6_ifaddr *ia;
1913

1914
	IN6_IFADDR_RLOCK(&in6_ifa_tracker);
1915
	CK_LIST_FOREACH(ia, IN6ADDR_HASH(&sa6->sin6_addr), ia6_hash) {
1916
		if (IN6_ARE_ADDR_EQUAL(IA6_IN6(ia), &sa6->sin6_addr)) {
1917
			if (ia->ia6_flags & IN6_IFF_DEPRECATED) {
1918
				IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1919
				return (1); /* true */
1920
			}
1921
			break;
1922
		}
1923
	}
1924
	IN6_IFADDR_RUNLOCK(&in6_ifa_tracker);
1925

1926
	return (0);		/* false */
1927
}
1928

1929
/*
1930
 * return length of part which dst and src are equal
1931
 * hard coding...
1932
 */
1933
int
1934
in6_matchlen(struct in6_addr *src, struct in6_addr *dst)
1935
{
1936
	int match = 0;
1937
	u_char *s = (u_char *)src, *d = (u_char *)dst;
1938
	u_char *lim = s + 16, r;
1939

1940
	while (s < lim)
1941
		if ((r = (*d++ ^ *s++)) != 0) {
1942
			while (r < 128) {
1943
				match++;
1944
				r <<= 1;
1945
			}
1946
			break;
1947
		} else
1948
			match += 8;
1949
	return match;
1950
}
1951

1952
/* XXX: to be scope conscious */
1953
int
1954
in6_are_prefix_equal(struct in6_addr *p1, struct in6_addr *p2, int len)
1955
{
1956
	int bytelen, bitlen;
1957

1958
	/* sanity check */
1959
	if (0 > len || len > 128) {
1960
		log(LOG_ERR, "in6_are_prefix_equal: invalid prefix length(%d)\n",
1961
		    len);
1962
		return (0);
1963
	}
1964

1965
	bytelen = len / 8;
1966
	bitlen = len % 8;
1967

1968
	if (bcmp(&p1->s6_addr, &p2->s6_addr, bytelen))
1969
		return (0);
1970
	if (bitlen != 0 &&
1971
	    p1->s6_addr[bytelen] >> (8 - bitlen) !=
1972
	    p2->s6_addr[bytelen] >> (8 - bitlen))
1973
		return (0);
1974

1975
	return (1);
1976
}
1977

1978
void
1979
in6_prefixlen2mask(struct in6_addr *maskp, int len)
1980
{
1981
	u_char maskarray[8] = {0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff};
1982
	int bytelen, bitlen, i;
1983

1984
	/* sanity check */
1985
	if (0 > len || len > 128) {
1986
		log(LOG_ERR, "in6_prefixlen2mask: invalid prefix length(%d)\n",
1987
		    len);
1988
		return;
1989
	}
1990

1991
	bzero(maskp, sizeof(*maskp));
1992
	bytelen = len / 8;
1993
	bitlen = len % 8;
1994
	for (i = 0; i < bytelen; i++)
1995
		maskp->s6_addr[i] = 0xff;
1996
	if (bitlen)
1997
		maskp->s6_addr[bytelen] = maskarray[bitlen - 1];
1998
}
1999

2000
/*
2001
 * return the best address out of the same scope. if no address was
2002
 * found, return the first valid address from designated IF.
2003
 */
2004
struct in6_ifaddr *
2005
in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
2006
{
2007
	int dst_scope =	in6_addrscope(dst), blen = -1, tlen;
2008
	struct ifaddr *ifa;
2009
	struct in6_ifaddr *besta = NULL;
2010
	struct in6_ifaddr *dep[2];	/* last-resort: deprecated */
2011

2012
	NET_EPOCH_ASSERT();
2013

2014
	dep[0] = dep[1] = NULL;
2015

2016
	/*
2017
	 * We first look for addresses in the same scope.
2018
	 * If there is one, return it.
2019
	 * If two or more, return one which matches the dst longest.
2020
	 * If none, return one of global addresses assigned other ifs.
2021
	 */
2022
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2023
		if (ifa->ifa_addr->sa_family != AF_INET6)
2024
			continue;
2025
		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2026
			continue; /* XXX: is there any case to allow anycast? */
2027
		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2028
			continue; /* don't use this interface */
2029
		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2030
			continue;
2031
		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2032
			if (V_ip6_use_deprecated)
2033
				dep[0] = (struct in6_ifaddr *)ifa;
2034
			continue;
2035
		}
2036

2037
		if (dst_scope == in6_addrscope(IFA_IN6(ifa))) {
2038
			/*
2039
			 * call in6_matchlen() as few as possible
2040
			 */
2041
			if (besta) {
2042
				if (blen == -1)
2043
					blen = in6_matchlen(&besta->ia_addr.sin6_addr, dst);
2044
				tlen = in6_matchlen(IFA_IN6(ifa), dst);
2045
				if (tlen > blen) {
2046
					blen = tlen;
2047
					besta = (struct in6_ifaddr *)ifa;
2048
				}
2049
			} else
2050
				besta = (struct in6_ifaddr *)ifa;
2051
		}
2052
	}
2053
	if (besta)
2054
		return (besta);
2055

2056
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2057
		if (ifa->ifa_addr->sa_family != AF_INET6)
2058
			continue;
2059
		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_ANYCAST)
2060
			continue; /* XXX: is there any case to allow anycast? */
2061
		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_NOTREADY)
2062
			continue; /* don't use this interface */
2063
		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DETACHED)
2064
			continue;
2065
		if (((struct in6_ifaddr *)ifa)->ia6_flags & IN6_IFF_DEPRECATED) {
2066
			if (V_ip6_use_deprecated)
2067
				dep[1] = (struct in6_ifaddr *)ifa;
2068
			continue;
2069
		}
2070

2071
		return (struct in6_ifaddr *)ifa;
2072
	}
2073

2074
	/* use the last-resort values, that are, deprecated addresses */
2075
	if (dep[0])
2076
		return dep[0];
2077
	if (dep[1])
2078
		return dep[1];
2079

2080
	return NULL;
2081
}
2082

2083
/*
2084
 * perform DAD when interface becomes IFF_UP.
2085
 */
2086
void
2087
in6_if_up(struct ifnet *ifp)
2088
{
2089
	struct epoch_tracker et;
2090
	struct ifaddr *ifa;
2091
	struct in6_ifaddr *ia;
2092

2093
	NET_EPOCH_ENTER(et);
2094
	CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
2095
		if (ifa->ifa_addr->sa_family != AF_INET6)
2096
			continue;
2097
		ia = (struct in6_ifaddr *)ifa;
2098
		if (ia->ia6_flags & IN6_IFF_TENTATIVE) {
2099
			/*
2100
			 * The TENTATIVE flag was likely set by hand
2101
			 * beforehand, implicitly indicating the need for DAD.
2102
			 * We may be able to skip the random delay in this
2103
			 * case, but we impose delays just in case.
2104
			 */
2105
			nd6_dad_start(ifa,
2106
			    arc4random() % (MAX_RTR_SOLICITATION_DELAY * hz));
2107
		}
2108
	}
2109
	NET_EPOCH_EXIT(et);
2110

2111
	/*
2112
	 * special cases, like 6to4, are handled in in6_ifattach
2113
	 */
2114
	in6_ifattach(ifp, NULL);
2115
}
2116

2117
static void
2118
in6_ifevent(void *arg __unused, struct ifnet *ifp, int event)
2119
{
2120
	if (event == IFNET_EVENT_UP)
2121
		in6_if_up(ifp);
2122
}
2123

2124
static void
2125
in6_init(void *arg __unused)
2126
{
2127
	EVENTHANDLER_REGISTER(ifnet_event, in6_ifevent, NULL, EVENTHANDLER_PRI_ANY);
2128
}
2129
SYSINIT(in6_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD, in6_init, NULL);
2130

2131
int
2132
in6if_do_dad(struct ifnet *ifp)
2133
{
2134

2135
	if ((ifp->if_flags & IFF_LOOPBACK) != 0)
2136
		return (0);
2137
	if ((ifp->if_flags & IFF_MULTICAST) == 0)
2138
		return (0);
2139
	if ((ifp->if_inet6->nd_flags &
2140
	    (ND6_IFF_IFDISABLED | ND6_IFF_NO_DAD)) != 0)
2141
		return (0);
2142
	return (1);
2143
}
2144

2145
/*
2146
 * Provide the length of interface identifiers to be used for the link attached
2147
 * to the given interface.  The length should be defined in "IPv6 over
2148
 * xxx-link" document.  Note that address architecture might also define
2149
 * the length for a particular set of address prefixes, regardless of the
2150
 * link type.  As clarified in rfc2462bis, those two definitions should be
2151
 * consistent, and those really are as of August 2004.
2152
 */
2153
int
2154
in6_if2idlen(struct ifnet *ifp)
2155
{
2156
	switch (ifp->if_type) {
2157
	case IFT_ETHER:		/* RFC2464 */
2158
	case IFT_PROPVIRTUAL:	/* XXX: no RFC. treat it as ether */
2159
	case IFT_L2VLAN:	/* ditto */
2160
	case IFT_BRIDGE:	/* bridge(4) only does Ethernet-like links */
2161
	case IFT_INFINIBAND:
2162
		return (64);
2163
	case IFT_PPP:		/* RFC2472 */
2164
		return (64);
2165
	case IFT_FRELAY:	/* RFC2590 */
2166
		return (64);
2167
	case IFT_IEEE1394:	/* RFC3146 */
2168
		return (64);
2169
	case IFT_GIF:
2170
		return (64);	/* draft-ietf-v6ops-mech-v2-07 */
2171
	case IFT_LOOP:
2172
		return (64);	/* XXX: is this really correct? */
2173
	default:
2174
		/*
2175
		 * Unknown link type:
2176
		 * It might be controversial to use the today's common constant
2177
		 * of 64 for these cases unconditionally.  For full compliance,
2178
		 * we should return an error in this case.  On the other hand,
2179
		 * if we simply miss the standard for the link type or a new
2180
		 * standard is defined for a new link type, the IFID length
2181
		 * is very likely to be the common constant.  As a compromise,
2182
		 * we always use the constant, but make an explicit notice
2183
		 * indicating the "unknown" case.
2184
		 */
2185
		printf("in6_if2idlen: unknown link type (%d)\n", ifp->if_type);
2186
		return (64);
2187
	}
2188
}
2189

2190
struct in6_llentry {
2191
	struct llentry		base;
2192
};
2193

2194
#define	IN6_LLTBL_DEFAULT_HSIZE	32
2195
#define	IN6_LLTBL_HASH(k, h) \
2196
	(((((((k >> 8) ^ k) >> 8) ^ k) >> 8) ^ k) & ((h) - 1))
2197

2198
/*
2199
 * Do actual deallocation of @lle.
2200
 */
2201
static void
2202
in6_lltable_destroy_lle_unlocked(epoch_context_t ctx)
2203
{
2204
	struct llentry *lle;
2205

2206
	lle = __containerof(ctx, struct llentry, lle_epoch_ctx);
2207
	LLE_LOCK_DESTROY(lle);
2208
	LLE_REQ_DESTROY(lle);
2209
	free(lle, M_LLTABLE);
2210
}
2211

2212
/*
2213
 * Called by LLE_FREE_LOCKED when number of references
2214
 * drops to zero.
2215
 */
2216
static void
2217
in6_lltable_destroy_lle(struct llentry *lle)
2218
{
2219

2220
	LLE_WUNLOCK(lle);
2221
	NET_EPOCH_CALL(in6_lltable_destroy_lle_unlocked, &lle->lle_epoch_ctx);
2222
}
2223

2224
static struct llentry *
2225
in6_lltable_new(const struct in6_addr *addr6, u_int flags)
2226
{
2227
	struct in6_llentry *lle;
2228

2229
	lle = malloc(sizeof(struct in6_llentry), M_LLTABLE, M_NOWAIT | M_ZERO);
2230
	if (lle == NULL)		/* NB: caller generates msg */
2231
		return NULL;
2232

2233
	lle->base.r_l3addr.addr6 = *addr6;
2234
	lle->base.lle_refcnt = 1;
2235
	lle->base.lle_free = in6_lltable_destroy_lle;
2236
	LLE_LOCK_INIT(&lle->base);
2237
	LLE_REQ_INIT(&lle->base);
2238
	callout_init(&lle->base.lle_timer, 1);
2239

2240
	return (&lle->base);
2241
}
2242

2243
static int
2244
in6_lltable_match_prefix(const struct sockaddr *saddr,
2245
    const struct sockaddr *smask, u_int flags, struct llentry *lle)
2246
{
2247
	const struct in6_addr *addr, *mask, *lle_addr;
2248

2249
	addr = &((const struct sockaddr_in6 *)saddr)->sin6_addr;
2250
	mask = &((const struct sockaddr_in6 *)smask)->sin6_addr;
2251
	lle_addr = &lle->r_l3addr.addr6;
2252

2253
	if (IN6_ARE_MASKED_ADDR_EQUAL(lle_addr, addr, mask) == 0)
2254
		return (0);
2255

2256
	if (lle->la_flags & LLE_IFADDR) {
2257
		/*
2258
		 * Delete LLE_IFADDR records IFF address & flag matches.
2259
		 * Note that addr is the interface address within prefix
2260
		 * being matched.
2261
		 */
2262
		if (IN6_ARE_ADDR_EQUAL(addr, lle_addr) &&
2263
		    (flags & LLE_STATIC) != 0)
2264
			return (1);
2265
		return (0);
2266
	}
2267

2268
	/* flags & LLE_STATIC means deleting both dynamic and static entries */
2269
	if ((flags & LLE_STATIC) || !(lle->la_flags & LLE_STATIC))
2270
		return (1);
2271

2272
	return (0);
2273
}
2274

2275
static void
2276
in6_lltable_free_entry(struct lltable *llt, struct llentry *lle)
2277
{
2278

2279
	LLE_WLOCK_ASSERT(lle);
2280
	KASSERT(llt != NULL, ("lltable is NULL"));
2281

2282
	/* Unlink entry from table */
2283
	if ((lle->la_flags & LLE_LINKED) != 0) {
2284
		LLTABLE_LOCK_ASSERT(llt);
2285
		lltable_unlink_entry(llt, lle);
2286
	}
2287

2288
	llentry_free(lle);
2289
}
2290

2291
static int
2292
in6_lltable_rtcheck(struct ifnet *ifp,
2293
		    u_int flags,
2294
		    const struct sockaddr *l3addr)
2295
{
2296
	const struct sockaddr_in6 *sin6;
2297
	struct nhop_object *nh;
2298
	struct in6_addr dst;
2299
	uint32_t scopeid;
2300
	char ip6buf[INET6_ADDRSTRLEN];
2301
	int fibnum;
2302

2303
	NET_EPOCH_ASSERT();
2304
	KASSERT(l3addr->sa_family == AF_INET6,
2305
	    ("sin_family %d", l3addr->sa_family));
2306

2307
	sin6 = (const struct sockaddr_in6 *)l3addr;
2308
	in6_splitscope(&sin6->sin6_addr, &dst, &scopeid);
2309
	fibnum = V_rt_add_addr_allfibs ? RT_DEFAULT_FIB : ifp->if_fib;
2310
	nh = fib6_lookup(fibnum, &dst, scopeid, NHR_NONE, 0);
2311
	if (nh && ((nh->nh_flags & NHF_GATEWAY) || nh->nh_ifp != ifp)) {
2312
		struct ifaddr *ifa;
2313
		/*
2314
		 * Create an ND6 cache for an IPv6 neighbor
2315
		 * that is not covered by our own prefix.
2316
		 */
2317
		ifa = ifaof_ifpforaddr(l3addr, ifp);
2318
		if (ifa != NULL) {
2319
			return 0;
2320
		}
2321
		log(LOG_INFO, "IPv6 address: \"%s\" is not on the network\n",
2322
		    ip6_sprintf(ip6buf, &sin6->sin6_addr));
2323
		return EINVAL;
2324
	}
2325
	return 0;
2326
}
2327

2328
static inline uint32_t
2329
in6_lltable_hash_dst(const struct in6_addr *dst, uint32_t hsize)
2330
{
2331

2332
	return (IN6_LLTBL_HASH(dst->s6_addr32[3], hsize));
2333
}
2334

2335
static uint32_t
2336
in6_lltable_hash(const struct llentry *lle, uint32_t hsize)
2337
{
2338

2339
	return (in6_lltable_hash_dst(&lle->r_l3addr.addr6, hsize));
2340
}
2341

2342
static void
2343
in6_lltable_fill_sa_entry(const struct llentry *lle, struct sockaddr *sa)
2344
{
2345
	struct sockaddr_in6 *sin6;
2346

2347
	sin6 = (struct sockaddr_in6 *)sa;
2348
	bzero(sin6, sizeof(*sin6));
2349
	sin6->sin6_family = AF_INET6;
2350
	sin6->sin6_len = sizeof(*sin6);
2351
	sin6->sin6_addr = lle->r_l3addr.addr6;
2352
}
2353

2354
static inline struct llentry *
2355
in6_lltable_find_dst(struct lltable *llt, const struct in6_addr *dst)
2356
{
2357
	struct llentry *lle;
2358
	struct llentries *lleh;
2359
	u_int hashidx;
2360

2361
	hashidx = in6_lltable_hash_dst(dst, llt->llt_hsize);
2362
	lleh = &llt->lle_head[hashidx];
2363
	CK_LIST_FOREACH(lle, lleh, lle_next) {
2364
		if (lle->la_flags & LLE_DELETED)
2365
			continue;
2366
		if (IN6_ARE_ADDR_EQUAL(&lle->r_l3addr.addr6, dst))
2367
			break;
2368
	}
2369

2370
	return (lle);
2371
}
2372

2373
static void
2374
in6_lltable_delete_entry(struct lltable *llt, struct llentry *lle)
2375
{
2376

2377
	lle->la_flags |= LLE_DELETED;
2378

2379
	/* Leave the solicited multicast group. */
2380
	if ((lle->la_flags & LLE_PUB) != 0)
2381
		in6_leave_proxy_ndp_mc(llt->llt_ifp, &lle->r_l3addr.addr6);
2382
	EVENTHANDLER_INVOKE(lle_event, lle, LLENTRY_DELETED);
2383
#ifdef DIAGNOSTIC
2384
	log(LOG_INFO, "ifaddr cache = %p is deleted\n", lle);
2385
#endif
2386
	llentry_free(lle);
2387
}
2388

2389
static struct llentry *
2390
in6_lltable_alloc(struct lltable *llt, u_int flags,
2391
	const struct sockaddr *l3addr)
2392
{
2393
	const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2394
	struct ifnet *ifp = llt->llt_ifp;
2395
	struct llentry *lle;
2396
	char linkhdr[LLE_MAX_LINKHDR];
2397
	size_t linkhdrsize;
2398
	int lladdr_off;
2399

2400
	KASSERT(l3addr->sa_family == AF_INET6,
2401
	    ("sin_family %d", l3addr->sa_family));
2402

2403
	/*
2404
	 * A route that covers the given address must have
2405
	 * been installed 1st because we are doing a resolution,
2406
	 * verify this.
2407
	 */
2408
	if (!(flags & LLE_IFADDR) &&
2409
	    in6_lltable_rtcheck(ifp, flags, l3addr) != 0)
2410
		return (NULL);
2411

2412
	lle = in6_lltable_new(&sin6->sin6_addr, flags);
2413
	if (lle == NULL) {
2414
		log(LOG_INFO, "lla_lookup: new lle malloc failed\n");
2415
		return (NULL);
2416
	}
2417
	lle->la_flags = flags;
2418
	if ((flags & LLE_IFADDR) == LLE_IFADDR) {
2419
		linkhdrsize = LLE_MAX_LINKHDR;
2420
		if (lltable_calc_llheader(ifp, AF_INET6, IF_LLADDR(ifp),
2421
		    linkhdr, &linkhdrsize, &lladdr_off) != 0) {
2422
			in6_lltable_free_entry(llt, lle);
2423
			return (NULL);
2424
		}
2425
		lltable_set_entry_addr(ifp, lle, linkhdr, linkhdrsize,
2426
		    lladdr_off);
2427
		lle->la_flags |= LLE_STATIC;
2428
	}
2429

2430
	if ((lle->la_flags & LLE_STATIC) != 0)
2431
		lle->ln_state = ND6_LLINFO_REACHABLE;
2432

2433
	return (lle);
2434
}
2435

2436
static struct llentry *
2437
in6_lltable_lookup(struct lltable *llt, u_int flags,
2438
	const struct sockaddr *l3addr)
2439
{
2440
	const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)l3addr;
2441
	int family = flags >> 16;
2442
	struct llentry *lle;
2443

2444
	LLTABLE_RLOCK_ASSERT(llt);
2445
	KASSERT(l3addr->sa_family == AF_INET6,
2446
	    ("sin_family %d", l3addr->sa_family));
2447
	KASSERT((flags & (LLE_UNLOCKED | LLE_EXCLUSIVE)) !=
2448
	    (LLE_UNLOCKED | LLE_EXCLUSIVE),
2449
	    ("wrong lle request flags: %#x", flags));
2450

2451
	lle = in6_lltable_find_dst(llt, &sin6->sin6_addr);
2452

2453
	if (__predict_false(family != AF_INET6))
2454
		lle = llentry_lookup_family(lle, family);
2455

2456
	if (lle == NULL)
2457
		return (NULL);
2458

2459
	if (flags & LLE_UNLOCKED)
2460
		return (lle);
2461

2462
	if (flags & LLE_EXCLUSIVE)
2463
		LLE_WLOCK(lle);
2464
	else
2465
		LLE_RLOCK(lle);
2466

2467
	/*
2468
	 * If the lltable lock is not held, the LLE may have been unlinked while
2469
	 * we were blocked on the LLE lock.  Check for this case.
2470
	 */
2471
	if (__predict_false((lle->la_flags & LLE_LINKED) == 0)) {
2472
		if (flags & LLE_EXCLUSIVE)
2473
			LLE_WUNLOCK(lle);
2474
		else
2475
			LLE_RUNLOCK(lle);
2476
		return (NULL);
2477
	}
2478
	return (lle);
2479
}
2480

2481
static int
2482
in6_lltable_dump_entry(struct lltable *llt, struct llentry *lle,
2483
    struct sysctl_req *wr)
2484
{
2485
	struct ifnet *ifp = llt->llt_ifp;
2486
	/* XXX stack use */
2487
	struct {
2488
		struct rt_msghdr	rtm;
2489
		struct sockaddr_in6	sin6;
2490
		/*
2491
		 * ndp.c assumes that sdl is word aligned
2492
		 */
2493
#ifdef __LP64__
2494
		uint32_t		pad;
2495
#endif
2496
		struct sockaddr_dl	sdl;
2497
	} ndpc;
2498
	struct sockaddr_dl *sdl;
2499
	int error;
2500

2501
	bzero(&ndpc, sizeof(ndpc));
2502
	/* skip deleted entries */
2503
	if ((lle->la_flags & LLE_DELETED) == LLE_DELETED)
2504
		return (0);
2505
	/* Skip if jailed and not a valid IP of the prison. */
2506
	lltable_fill_sa_entry(lle, (struct sockaddr *)&ndpc.sin6);
2507
	if (prison_if(wr->td->td_ucred, (struct sockaddr *)&ndpc.sin6) != 0)
2508
		return (0);
2509
	/*
2510
	 * produce a msg made of:
2511
	 *  struct rt_msghdr;
2512
	 *  struct sockaddr_in6 (IPv6)
2513
	 *  struct sockaddr_dl;
2514
	 */
2515
	ndpc.rtm.rtm_msglen = sizeof(ndpc);
2516
	ndpc.rtm.rtm_version = RTM_VERSION;
2517
	ndpc.rtm.rtm_type = RTM_GET;
2518
	ndpc.rtm.rtm_flags = RTF_UP;
2519
	ndpc.rtm.rtm_addrs = RTA_DST | RTA_GATEWAY;
2520
	sa6_recoverscope(&ndpc.sin6);
2521

2522
	/* publish */
2523
	if (lle->la_flags & LLE_PUB)
2524
		ndpc.rtm.rtm_flags |= RTF_ANNOUNCE;
2525

2526
	sdl = &ndpc.sdl;
2527
	sdl->sdl_family = AF_LINK;
2528
	sdl->sdl_len = sizeof(*sdl);
2529
	sdl->sdl_index = ifp->if_index;
2530
	sdl->sdl_type = ifp->if_type;
2531
	if ((lle->la_flags & LLE_VALID) == LLE_VALID) {
2532
		sdl->sdl_alen = ifp->if_addrlen;
2533
		bcopy(lle->ll_addr, LLADDR(sdl), ifp->if_addrlen);
2534
	} else {
2535
		sdl->sdl_alen = 0;
2536
		bzero(LLADDR(sdl), ifp->if_addrlen);
2537
	}
2538
	if (lle->la_expire != 0)
2539
		ndpc.rtm.rtm_rmx.rmx_expire = lle->la_expire +
2540
		    lle->lle_remtime / hz + time_second - time_uptime;
2541
	ndpc.rtm.rtm_flags |= (RTF_HOST | RTF_LLDATA);
2542
	if (lle->la_flags & LLE_STATIC)
2543
		ndpc.rtm.rtm_flags |= RTF_STATIC;
2544
	if (lle->la_flags & LLE_IFADDR)
2545
		ndpc.rtm.rtm_flags |= RTF_PINNED;
2546
	if (lle->ln_router != 0)
2547
		ndpc.rtm.rtm_flags |= RTF_GATEWAY;
2548
	ndpc.rtm.rtm_rmx.rmx_pksent = lle->la_asked;
2549
	/* Store state in rmx_weight value */
2550
	ndpc.rtm.rtm_rmx.rmx_state = lle->ln_state;
2551
	ndpc.rtm.rtm_index = ifp->if_index;
2552
	error = SYSCTL_OUT(wr, &ndpc, sizeof(ndpc));
2553

2554
	return (error);
2555
}
2556

2557
static void
2558
in6_lltable_post_resolved(struct lltable *llt, struct llentry *lle)
2559
{
2560
	/* Join the solicited multicast group for dst. */
2561
	if ((lle->la_flags & LLE_PUB) == LLE_PUB)
2562
		in6_join_proxy_ndp_mc(llt->llt_ifp, &lle->r_l3addr.addr6);
2563
}
2564

2565
static struct lltable *
2566
in6_lltattach(struct ifnet *ifp)
2567
{
2568
	struct lltable *llt;
2569

2570
	llt = lltable_allocate_htbl(IN6_LLTBL_DEFAULT_HSIZE);
2571
	llt->llt_af = AF_INET6;
2572
	llt->llt_ifp = ifp;
2573

2574
	llt->llt_lookup = in6_lltable_lookup;
2575
	llt->llt_alloc_entry = in6_lltable_alloc;
2576
	llt->llt_delete_entry = in6_lltable_delete_entry;
2577
	llt->llt_dump_entry = in6_lltable_dump_entry;
2578
	llt->llt_hash = in6_lltable_hash;
2579
	llt->llt_fill_sa_entry = in6_lltable_fill_sa_entry;
2580
	llt->llt_free_entry = in6_lltable_free_entry;
2581
	llt->llt_match_prefix = in6_lltable_match_prefix;
2582
	llt->llt_mark_used = llentry_mark_used;
2583
	llt->llt_post_resolved = in6_lltable_post_resolved;
2584
 	lltable_link(llt);
2585

2586
	return (llt);
2587
}
2588

2589
struct lltable *
2590
in6_lltable_get(struct ifnet *ifp)
2591
{
2592
	if (ifp->if_inet6 == NULL)
2593
		return (NULL);
2594

2595
	return (ifp->if_inet6->lltable);
2596
}
2597

2598
void
2599
in6_ifarrival(void *arg __unused, struct ifnet *ifp)
2600
{
2601
	struct in6_ifextra *ext;
2602

2603
	/* There are not IPv6-capable interfaces. */
2604
	switch (ifp->if_type) {
2605
	case IFT_PFLOG:
2606
	case IFT_PFSYNC:
2607
		ifp->if_inet6 = NULL;
2608
		return;
2609
	}
2610
	ext = ifp->if_inet6 = malloc(sizeof(*ext), M_IFADDR, M_WAITOK | M_ZERO);
2611
	COUNTER_ARRAY_ALLOC(ext->in6_ifstat,
2612
	    sizeof(struct in6_ifstat) / sizeof(uint64_t), M_WAITOK);
2613
	COUNTER_ARRAY_ALLOC(ext->icmp6_ifstat,
2614
	    sizeof(struct icmp6_ifstat) / sizeof(uint64_t), M_WAITOK);
2615
	nd6_ifattach(ifp);
2616
	mld_domifattach(ifp);
2617
	scope6_ifattach(ifp);
2618

2619
	ext->lltable = in6_lltattach(ifp);
2620
}
2621
EVENTHANDLER_DEFINE(ifnet_arrival_event, in6_ifarrival, NULL,
2622
    EVENTHANDLER_PRI_ANY);
2623

2624
uint32_t
2625
in6_ifmtu(const struct ifnet *ifp)
2626
{
2627
	const uint32_t
2628
	    linkmtu = ifp->if_inet6->nd_linkmtu,
2629
	    maxmtu = ifp->if_inet6->nd_maxmtu,
2630
	    ifmtu = ifp->if_mtu;
2631

2632
	if (linkmtu > 0 && linkmtu < ifmtu)
2633
		return (linkmtu);
2634
	if (maxmtu > 0 && maxmtu < ifmtu)
2635
		return (maxmtu);
2636
	return (ifmtu);
2637
}
2638

2639
/*
2640
 * Convert sockaddr_in6 to sockaddr_in.  Original sockaddr_in6 must be
2641
 * v4 mapped addr or v4 compat addr
2642
 */
2643
void
2644
in6_sin6_2_sin(struct sockaddr_in *sin, const struct sockaddr_in6 *sin6)
2645
{
2646

2647
	bzero(sin, sizeof(*sin));
2648
	sin->sin_len = sizeof(struct sockaddr_in);
2649
	sin->sin_family = AF_INET;
2650
	sin->sin_port = sin6->sin6_port;
2651
	sin->sin_addr.s_addr = sin6->sin6_addr.s6_addr32[3];
2652
}
2653

2654
/* Convert sockaddr_in to sockaddr_in6 in v4 mapped addr format. */
2655
void
2656
in6_sin_2_v4mapsin6(const struct sockaddr_in *sin, struct sockaddr_in6 *sin6)
2657
{
2658
	bzero(sin6, sizeof(*sin6));
2659
	sin6->sin6_len = sizeof(struct sockaddr_in6);
2660
	sin6->sin6_family = AF_INET6;
2661
	sin6->sin6_port = sin->sin_port;
2662
	sin6->sin6_addr.s6_addr32[0] = 0;
2663
	sin6->sin6_addr.s6_addr32[1] = 0;
2664
	sin6->sin6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
2665
	sin6->sin6_addr.s6_addr32[3] = sin->sin_addr.s_addr;
2666
}
2667

2668
/* Convert sockaddr_in6 into sockaddr_in. */
2669
void
2670
in6_sin6_2_sin_in_sock(struct sockaddr *nam)
2671
{
2672
	struct sockaddr_in *sin_p;
2673
	struct sockaddr_in6 sin6;
2674

2675
	/*
2676
	 * Save original sockaddr_in6 addr and convert it
2677
	 * to sockaddr_in.
2678
	 */
2679
	sin6 = *(struct sockaddr_in6 *)nam;
2680
	sin_p = (struct sockaddr_in *)nam;
2681
	in6_sin6_2_sin(sin_p, &sin6);
2682
}
2683

2684
/*
2685
 * Join/leave the solicited multicast groups for proxy NDP entries.
2686
 */
2687
static void
2688
in6_join_proxy_ndp_mc(struct ifnet *ifp, const struct in6_addr *dst)
2689
{
2690
	struct in6_multi *inm;
2691
	struct in6_addr mltaddr;
2692
	char ip6buf[INET6_ADDRSTRLEN];
2693
	int error;
2694

2695
	if (in6_solicited_node_maddr(&mltaddr, ifp, dst) != 0)
2696
		return;	/* error logged in in6_solicited_node_maddr. */
2697

2698
	error = in6_joingroup(ifp, &mltaddr, NULL, &inm, 0);
2699
	if (error != 0) {
2700
		nd6log((LOG_WARNING,
2701
		    "%s: in6_joingroup failed for %s on %s (errno=%d)\n",
2702
		    __func__, ip6_sprintf(ip6buf, &mltaddr), if_name(ifp),
2703
		    error));
2704
	}
2705
}
2706

2707
static void
2708
in6_leave_proxy_ndp_mc(struct ifnet *ifp, const struct in6_addr *dst)
2709
{
2710
	struct epoch_tracker et;
2711
	struct in6_multi *inm;
2712
	struct in6_addr mltaddr;
2713
	char ip6buf[INET6_ADDRSTRLEN];
2714

2715
	if (in6_solicited_node_maddr(&mltaddr, ifp, dst) != 0)
2716
		return;	/* error logged in in6_solicited_node_maddr. */
2717

2718
	NET_EPOCH_ENTER(et);
2719
	inm = in6m_lookup(ifp, &mltaddr);
2720
	NET_EPOCH_EXIT(et);
2721
	if (inm != NULL)
2722
		in6_leavegroup(inm, NULL);
2723
	else
2724
		nd6log((LOG_WARNING, "%s: in6m_lookup failed for %s on %s\n",
2725
		    __func__, ip6_sprintf(ip6buf, &mltaddr), if_name(ifp)));
2726
}
2727

2728
static bool
2729
in6_lle_match_pub(struct lltable *llt, struct llentry *lle, void *farg)
2730
{
2731
	return ((lle->la_flags & LLE_PUB) != 0);
2732
}
2733

2734
void
2735
in6_purge_proxy_ndp(struct ifnet *ifp)
2736
{
2737
	struct lltable *llt;
2738
	bool need_purge;
2739

2740
	if (ifp->if_inet6 == NULL)
2741
		return;
2742

2743
	llt = LLTABLE6(ifp);
2744
	LLTABLE_LOCK(llt);
2745
	need_purge = ((llt->llt_flags & LLT_ADDEDPROXY) != 0);
2746
	LLTABLE_UNLOCK(llt);
2747

2748
	/*
2749
	 * Ever added proxy ndp entries, leave solicited node multicast
2750
	 * before deleting the llentry.
2751
	 */
2752
	if (need_purge)
2753
		lltable_delete_conditional(llt, in6_lle_match_pub, NULL);
2754
}
2755

2756